Judge Calama declares the proceedings secret and requests reports from the Tax Agency and the National Cryptologic Center

MADRID, 10 Nov. (EUROPA PRESS) –

The judge of the National Court (AN) José Luis Calama investigates the cyberattack suffered last October by the Judicial Neutral Point, the communication system managed by the General Council of the Judiciary (CGPJ) that allows centralizing and transferring requests for information between the judicial bodies and the Tax Agency, the Police or the National Institute of Social Security.

As reported by the National Court itself, the head of the Central Investigating Court Number 4 agreed on October 20 to initiate preliminary proceedings as a result of a complaint filed by the governing body of the judges in which the cyberattack was warned, that could have affected personal data of taxpayers deposited in the databases of the Tax Agency.

As a first measure, Judge Calama has decreed the secrecy of the proceedings for a period of one month while requesting a series of reports from the Tax Agency and the National Cryptologic Center on the scope of the reported events.

The same, explain from the National High Court, could constitute a crime against a high body of the nation and, without prejudice to further qualification, a crime of discovery and disclosure of secrets.

The Council itself reported this week on the attack, which would have been detected in the second half of October. “From that very moment, cybersecurity measures were adopted to contain and neutralize computer attacks of this type,” the CGPJ explained in a statement.

The governing body of the judges stated in it that the Judicial Neutral Point was “used by the attackers to access other public institutions” and stressed that in the attack “data relating to judicial proceedings or other information in power of the courts and tribunals.

From the Council they explained that, once the cyberattack was detected, the facts were brought to the attention of the Cybersecurity Operations Center of the General Administration of the State and its Public Bodies (COCS), as well as the National Cryptologic Center (CCN-CERT).

According to the CGPJ, after said notification –and in coordination with both centers–“the corresponding investigative and mitigating measures” were adopted. Likewise, the Council notified the Spanish Agency for Data Protection (AEPD) and the Data Protection Supervision and Control Directorate of the judges’ own governing body.