100% of Argentina Had Their Data Breached

This just in. The Record reports that a hacker breached the Argentinian government’s IT network and stole ID card details for the country’s entire population. That data is now being sold online.

The entire country has had its data breached in a single attack.

The details are a literal gold mine of information for fraudsters and scammers and can be used in future attacks.

The Hack Appears To Have Come From The Country Registry

The data was stolen from the RENAPER database, which stands for Registro Nacional de las Personas, which means the National Registry of Persons.

According to a sample provided by the hacker online, the information they have access to right now includes full names, home addresses, birth dates, gender info, ID card issuance, and expiration dates, labor identification codes, Trámite numbers, citizen numbers, and government photo IDs.

The First Indication Came From a Twitter Account

The first indication of the attack came when a newly created Twitter account emerged. The Twitter account, which is now suspended, @AnibalLeaks, published photos of ID Cards and details of 44 famous Argentinian celebrities.

The hacked photos included details on the President of Argentina Alberto Fernández, several journalists and political figures, and even data for soccer superstars Lionel Messi and Sergio Aguero.

The hacker(s) then posted a comment that assured they were serious; “I could publish the personal data of 1 or 2 million people”, they assured.

The Government Investigated The Hack And Are Now Investigating 8 Government Employees

The government security teams investigated the hack and determined that someone either stole or compromised the credentials that were issued to the Ministry of Health.

According to a press release issued by the government, they do not believe it was a massive attack and was an isolated incident but details posted online seem to refute that theory.

The press release advised that the IT security team made a query on the 44 people involved in order to survey the last consumptions made through the use of the Digital Identity System (SID) on said profiles, detecting that 19 images had been consulted in the exact moment in which they were published on the social network Twitter from an authorized VPN (Virtual Private Network) connection between the Renaper and the Ministry of Health of the Nation, and all the images had recently been consulted from that same connection.

All of the fraudulent connections were made between 15:01 and 15:55 through the SID data validation service.

According to The Record, investigators are looking into 8 government employees that they believe could be responsible.

I am Frank McKenna, a fraud expert from San Diego. The views and opinions expressed here are entirely my own and do not reflect those of Point Predictive.