Parques Reunidos Group, a Spanish amusement park company with more than 60 parks worldwide, is investigating a cyberattack after the BianLian ransomware group claimed to have stolen sensitive information, including passport details of employees, data on park-related incidents, financial records, and legal documents.
The company did not disclose whether the attack had affected its operations, but it admitted that it had been subjected to an “unauthorized external access” to its computer systems.
BianLian, which has targeted various industries since December 2021, claimed responsibility for the attack. The Spanish Data Protection Authority and law enforcement agencies were informed about the incident.
Upon discovering the attack, Parques Reunidos attempted to contain the damage and shut down affected systems. The company hired cybersecurity experts to investigate the incident, blocked remote access connections, and changed all passwords that allowed employees to access information systems.
The IT team also isolated its data center and blocked users with affected information systems. The company plans to implement extraordinary awareness and training actions, implementation of conditional access for certain accounts, and planning actions to increase the number of sources reporting to the log event collector.
Parques Reunidos urged customers or employees to contact the company’s data protection officer if they discover that their personal data is being misused or if they notice “phishing or spamming campaigns from Parques Reunidos.”
The company is continuing its forensic investigations and committed to taking further action to enhance its cybersecurity safeguards.
