A hacker has breached the Argentinian government’s IT network & stolen ID card details for the country’s entire population, data that is now being sold in private circles.
The hack, which took place last month, targeted RENAPER, which stands for Registro Nacional de las Personas, translated as National Registry of Persons.
The agency is a crucial cog inside the Argentinian Interior Ministry, where it is tasked with issuing national ID cards to all citizens, data that it also stores in digital format as a database accessible to other government agencies, acting as a backbone for most government queries for citizen’s personal information.
Lionel Messi & Sergio Aguero Data Leaked on Twitter
The 1st evidence that someone breached RENAPER emerged earlier in Oct. on Twitter when a newly registered account named @AnibalLeaks published ID card photos & personal details for 44 Argentinian celebrities.
This included details for the country’s president Alberto Fernández, multiple journalists & political figures, & even data for soccer superstars Lionel Messi & Sergio Aguero.
Hacking Forum
A day after the images & personal details were published on Twitter, the hacker also posted an ad on a well-known hacking forum, offering to look up the personal details of any Argentinian user.
Faced with a media fallout following the Twitter leaks, the Argentinian government confirmed a security breach 3 days later.
In an Oct. 13 press release, the Ministry of Interior outlined that its security team discovered that a VPN account assigned to the Ministry of Health was used to query the RENAPER database for 19 photos “in the exact moment in which they were published on the social network Twitter.”
Officials added that “the [RENAPER] database did not suffer any data breach or leak,” & authorities are now currently investigating 8 government employees about having a possible role in the leak.
Hacker has a Copy of the Data
In a conversation, the hacker stated they have a copy of the RENAPER data, contradicting the government’s official statement.
The individual proved their statement by providing the personal details, including the highly sensitive Trámite number, of a chosen Argentinian citizen.
Selling Access
“Maybe in a few days I’m going to publish the data of 1m or 2m people,” the RENAPER hacker explained. They also said they plan to continue selling access to this data to all interested buyers.
When a link was shared to the government’s press release in which officials blamed the intrusion on a possibly compromised VPN account, the hacker simply replied, “careless employees yes,” indirectly confirming the point of entry.
Claimed to Have It All
According to a sample provided by the hacker online, the information they have access to now includes full names, home addresses, birth dates, gender info, ID card issuance & expiration dates, labour identification codes, Trámite numbers, citizen numbers, & government photo IDs.
Argentina currently has an estimated population of more than 45m, although it is unclear how many entries are in the database. The hacker claimed to have it all.
This is the 2nd major security breach in the country’s history after the Gorra Leaks in 2017 & 2019 when hacktivists leaked the personal details of Argentinian politicians & police forces.
https://www.cybernewsgroup.co.uk/virtual-conference-november-2021/