In recent weeks, information has been circulating about an alleged Treasury hacking which would be affecting companies and the self-employed. However, as of today there is no official confirmation of any breach in the Tax Agency's systems.
As explained by DAXIA in its technical analysis of the case, what has been detected is a significant increase in phishing campaigns companies, taking advantage of the media noise.
https://daxia.es/blog/hackeo-hacienda-2026
What kind of attacks are occurring?
Cybercriminals are using emails and messages pretending to be official communications to:
- Capture access credentials.
- Obtain passwords.
- Access to digital certificates used for tax procedures.
When a company falls into this type of deception, we are not facing a Treasury failure, but in the face of a internal security breach, with possible legal, operational and reputational consequences.
Risks for companies in the industrial and machinery sector
In companies with frequent administrative activity - tax filings, subsidies, tenders or relations with the Administration - the improper use of a digital certificate may:
- Interrupt key tax procedures.
- Compromise sensitive information.
- Generate incidents that are difficult to audit at a later date.
- Derive in sanctions if personal data is affected.
Recommended best practices
Regardless of the size of the company, these measures should be considered basic:
- Never access the Tax Agency from external links.
The entry must always be made through the official website. - Custody of digital certificates with control and criteria.
Avoid use on shared or unprotected equipment. - Record who uses each certificate and for what purpose.
Facilitates internal audits and reduces risks. - Revoking and renewing certificates in case of suspicion.
It is an effective and simple preventive measure. - Document phishing attempts or suspicious communications.
Even if there is no impact, it provides traceability and evidence.
Conclusion
There is no reason to be alarmed by a non-existent mass hacking, but there is reason to be alarmed by a non-existent mass hacking. to reinforce preventive measures against social engineering attacks, which continue to be one of the main gateways to security incidents in companies.
ANMOPYC promotes the adoption of best practices that allow companies in the sector to operate with greater security, resilience and regulatory compliance in an increasingly digitized environment.
