What data was allegedly leaked?

Personal data of employees of Spain's Agencia Tributaria (AEAT), the national tax agency. The threat actor claims the data includes staff of all ranks and ages, noting these are individuals who do not hold public-facing roles and are not publicly known to work for the tax agency.

Personal Data of Agencia Tributaria (AEAT) Employees Allegedly Leaked Including Staff of All Ranks and Ages

Quick Facts

Date & Time 2026-03-09 01:49:24 UTC

Threat Actor PoliceEspDoxedBF

Victim Country Spain

Spain

Industry Government / Taxation

Victim Organization Agencia Tributaria (AEAT)

Victim Site agenciatributaria.es

Category Data Leak

Severity Critical

Network Open Web

Total Records Unknown

Incident Overview

A threat actor using the handle PoliceEspDoxedBF has uploaded the personal data of employees of the Agencia Tributaria (AEAT), Spain's national tax administration agency responsible for managing the country's tax system and customs. The actor claims the leak covers staff of all ranks and ages within the organization.

The threat actor specifically notes that the exposed individuals are not public-facing employees and are not publicly known to work for the tax agency, meaning their privacy is enhanced and this leak effectively exposes their affiliation with AEAT for the first time. This type of doxing targeting government tax employees carries serious risks, as it could enable harassment, social engineering, or targeted attacks against individuals responsible for tax enforcement and auditing.

Redacted samples were posted in the listing showing what appears to be structured personal data for multiple employees.