A few days ago a cybercriminal managed to access the systems of the National Registry of Persons (RENAPER), the Argentine government agency in charge of the identification and registration of its citizens, leaking a 2.7 GB file and demanding a ransom in exchange for not exposing more sensitive information, according to Argentine media.
As if that were not enough, the threat actor claims to have access to the records of the 45 million Argentine citizens. The authorities acknowledged the illegitimate access to RENAPER’s systems, although they did not confirm the exposure of personal data.
The incident was detected a few days ago, when a Twitter account identified as AníbalLeaks began publishing photos of the official identifications of hundreds of people, including renowned personalities such as President Alberto Fernández, Marcelo Tinelli, Alberto Nisman, Sandra Arroyo Salgado, Nelson Castro and the world-renowned footballer Lionel Messi.
After this initial leak, the person responsible for the attack leaked a total of 60,000 entries extracted from RENAPER. The file, in ‘.json’ format, was posted on a dark web forum frequented by cybercriminals dedicated to buying and selling stolen information; this post has been viewed about 15,000 times.
In exchange for not disclosing the rest of the compromised information, the threat actor demands a ransom of $17,000 USD in Bitcoin, cybersecurity specialists say. It is unknown whether authorities plan to negotiate with the attacker or address the problem with other methods.
Investigators believe that the person responsible for the attack got in using a stolen username and password from a virtual private network (VPN) platform, the same hypothesis that the security teams of the Ministry of Health are working with. Authorities rule out a massive cyberattack and point instead to an isolated data breach incident.
As a security measure, the Ministry of Health revoked all existing access to the RENAPER database, although this is a temporary measure and the authorities will still have to implement a massive password reset to avoid a similar incident in the near future.
While the authorities rule out a massive data breach, the hacker’s threats should not be dismissed, since if his words are true this could be the first time in the history of computer security that personal details of all the inhabitants of a country are leaked.