A threat actor has allegedly offered for sale the entire database of the “Portal Empleo Alcàsser,” the official employment portal for the City Council of Alcàsser. Alcàsser is a municipality located in the province of Valencia, Spain. The actor posted the sale on a forum on August 26, 2025, claiming the data contains sensitive information belonging to citizens, local companies, and city council employees who used the platform. As a municipal government entity, the council’s portal handles a significant amount of personally identifiable information of its residents, making this alleged breach a serious concern for local citizens.
The compromised data allegedly includes a wide range of personal details. The threat actor claims the database contains information on all citizens registered on the portal, details about vacant positions listed by companies, and information pertaining to city council workers. The advertised data fields suggest a comprehensive breach of the portal’s user records. The sale of such data on underground forums could expose the victims to various risks, including identity theft, phishing campaigns, and other malicious activities.
The allegedly leaked data includes the following fields:
- First name
- Last name
- ID number
- Email address
- Registration Date
