https://therecord.media/hacker-steals-government-id-database-for-argentinas-entire-population/ * [matomo] [ ] [go] [PrimaryLog] * Leadership * Cybercrime * Nation-state * Government * People * Technology * About * Contact * [ ] [go] Subscribe to our newsletter [ ] [go] Subscribe Hacker steals government ID database for Argentina's entire population Image: Angelica Reyes Catalin Cimpanu October 18, 2021 Hacker steals government ID database for Argentina's entire population Cybercrime Government News * * * * * Catalin Cimpanu October 18, 2021 * Cybercrime * Government * News * * * * * Hacker steals government ID database for Argentina's entire population A hacker has breached the Argentinian government's IT network and stolen ID card details for the country's entire population, data that is now being sold in private circles. The hack, which took place last month, targeted RENAPER, which stands for Registro Nacional de las Personas, translated as National Registry of Persons. The agency is a crucial cog inside the Argentinian Interior Ministry, where it is tasked with issuing national ID cards to all citizens, data that it also stores in digital format as a database accessible to other government agencies, acting as a backbone for most government queries for citizen's personal information. Lionel Messi and Sergio Aguero data leaked on Twitter The first evidence that someone breached RENAPER surfaced earlier this month on Twitter when a newly registered account named @AnibalLeaks published ID card photos and personal details for 44 Argentinian celebrities. This included details for the country's president Alberto Fernandez, multiple journalists and political figures, and even data for soccer superstars Lionel Messi and Sergio Aguero. A day after the images and personal details were published on Twitter, the hacker also posted an ad on a well-known hacking forum, offering to look up the personal details of any Argentinian user. Argentina-DBImage: The Record Faced with a media fallback following the Twitter leaks, the Argentinian government confirmed a security breach three days later. In an October 13 press release, the Ministry of Interior said its security team discovered that a VPN account assigned to the Ministry of Health was used to query the RENAPER database for 19 photos "in the exact moment in which they were published on the social network Twitter." Officials added that "the [RENAPER] database did not suffer any data breach or leak," and authorities are now currently investigating eight government employees about having a possible role in the leak. Hacker has a copy of the data, plans to sell and leak it However, The Record contacted the individual who was renting access to the RENAPER database on hacking forums. In a conversation earlier today, the hacker said they have a copy of the RENAPER data, contradicting the government's official statement. The individual proved their statement by providing the personal details, including the highly sensitive Tramite number, of an Argentinian citizen of our choosing. "Maybe in a few days I'm going to publish [the data of] 1 million or 2 millon people," the RENAPER hacker told The Record earlier today. They also said they plan to continue selling access to this data to all interested buyers. When The Record shared a link to the government's press release in which officials blamed the intrusion on a possibly compromised VPN account, the hacker simply replied "careless employees yes," indirectly confirming the point of entry. According to a sample provided by the hacker online, the information they have access to right now includes full names, home addresses, birth dates, gender info, ID card issuance and expiration dates, labor identification codes, Tramite numbers, citizen numbers, and government photo IDs. Argentina currently has an estimated population of more than 45 million, although it's unclear how many entries are in the database. The hacker claimed to have it all. This is the second major security breach in the country's history after the Gorra Leaks in 2017 and 2019 when hacktivists leaked the personal details of Argentinian politicians and police forces. * * * * * Tags * Argentina * data breach * data leak * hacker * ID card * Lionel Messi * PII * RAID forum * RENAPER * Sergio Aguero Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers. Previous article Next article CISA, FBI, and NSA warn of BlackMatter attacks on agriculture and other critical infrastructure REvil gang shuts down for the second time after its Tor servers were hacked Briefs * CISA, FBI, and NSA warn of BlackMatter attacks on agriculture and other critical infrastructure October 18, 2021 * Countries agree to fight ransomware together after White House meetings October 14, 2021 * Ad-blocker caught injecting ads in search results October 14, 2021 * Acer confirms second security breach this year October 14, 2021 * Verizon-owned wireless carrier Visible confirms account hacks, denies breach October 13, 2021 * Cyberattack hits Melia, one of the largest hotel chains in the world October 13, 2021 * Dutch police send warning letters to customers of DDoS booter service October 12, 2021 * White House to federal agencies: Step up your endpoint monitoring October 12, 2021 * Azure, GitHub, GitLab, BitBucket mass-revoke SSH keys following bug report October 12, 2021 * Report: China's network security spending set to double in first half of 2021 October 12, 2021 * Apple patches iPhone zero-day in iOS 15.0.2 October 11, 2021 * Ukraine arrests operator of DDoS botnet with 100,000 bots October 11, 2021 [PrimaryLog] * * * * * Contact * About Us * Privacy Policy (c) Copyright 2021 | The Record by Recorded Future