Sanxenxo suffers cyber attack: Galician municipality refuses ransom payment

According to sources close to the local government, the city of Sanxenxo in Galicia faced a ransomware attack that severely compromised its administrative operations. The incident, which occurred on January 26, completely shut down the municipal servers and disrupted essential services for the more than 17,000 residents of the town. Sources familiar with the case confirmed that the cybercriminals demanded $5,000 in Bitcoin as ransom.

The impact on municipal services

The effectiveness of the attack left thousands of the city’s administrative files disabled, limiting access to critical databases. Among the affected services were municipal license management, taxpayer records, building permit documentation, and citizen service systems. The total shutdown of digital infrastructure forced municipal employees to work manually, significantly slowing down community service.

Institutional response and security measures

Sanxenxo authorities reported the incident to the Spanish Civil Guard, triggering an investigation into cybercrimes. Close sources to the town hall revealed that the local administration took a firm stance: categorically refusing to pay the demanded ransom. Instead, the municipal technical team implemented an intensive system restoration protocol using daily backups, allowing for the gradual recovery of server functionality. This defensive strategy reflects a growing trend among Spanish public agencies to prioritize cybersecurity over the demands of digital extortionists.