Hacker Steals Government Database Of All Argentine Citizens

CyberCrimeGovernement-ITRegulationSecuritySecurity Management
data breach, security breaches

Argentine government database containing ID card data of all citizens has been stolen by a hacker, and that data is now reportedly being sold online

The citizens of Argentina have suffered a collective data breach, after a government network was compromised by a hacker, who then stole a treasure trove of data.

This is because the hacker stole a database containing the ID card details for Argentina’s entire population of nearly 46 million people, The Record has reported.

And even worse news is the hacker is reportedly selling that data in private circles, providing a potential goldmine of personal data for future exploits, scams and attacks.


Argentinian breach

According to the Record the hack took place in September, and it compromised Argentina’s RENAPER, which stands for Registro Nacional de las Personas.

This is translated as the National Registry of Persons.

This is an agency that is reportedly a crucial part of the Argentinian Interior Ministry, where it is tasked with issuing national ID cards to all citizens in Argentina.

The collected ID card data is stored in a database that can be accessed by other branches and agencies of the Argentinian government, and reportedly acts as a backbone for most government queries for citizen’s personal information.

According to the Record, the first evidence that someone breached RENAPER surfaced earlier this month on Twitter when a newly registered account named @AnibalLeaks published ID card photos and personal details for 44 Argentinian celebrities.

This included the ID card details of the country’s president Alberto Fernández, multiple journalists and political figures, and even data for football superstars such as Lionel Messi and Sergio Aguero.

A day after the images and personal details were published on Twitter, the hacker also posted an ad on a well-known hacking forum, offering to look up the personal details of any Argentinian user.

As local media picked up the data breach, the Argentinian government confirmed the breach three days later.

The government’s Ministry of Interior issued a press release in which it said its security team discovered that a VPN account assigned to the Ministry of Health was used to query the RENAPER database for 19 photos “in the exact moment in which they were published on the social network Twitter.”

Officials added that “the [RENAPER] database did not suffer any data breach or leak,” and authorities are now currently investigating eight government employees about having a possible role in the leak.

Whole database

However, The Record contacted the individual who was renting access to the RENAPER database on hacking forums.

In a conversation, the hacker said they have a copy of the RENAPER data, contradicting the government’s official statement.

The individual proved their statement by providing the personal details, including the highly sensitive Trámite number, of an Argentinian citizen of our choosing.

“Maybe in a few days I’m going to publish [the data of] 1 million or 2 million people,” the RENAPER hacker apparently told The Record.

The hacker also reported said they plan to continue selling access to this data to all interested buyers.

There have been other security breaches in previous years in Argentina, including the Gorra Leaks in 2017.

In 2019 hacktivists also reportedly leaked the personal details of Argentinian politicians and police forces.

In 2013 police in Buenos Aires arrested a 19-year-old suspected of making $50,000 (£31,500) a month through cyber crime.

Author: Tom Jowitt
Click to read the authors bio  Click to hide the authors bio