the attack probably happened last month, but the first evidence of proof only appeared earlier this month, with the publication of photos of the identity documents and personal data of 44 public figures in Argentina. The photos were posted on Twitter, by a newly created account.
football players, Lionel Messi and Sergio Aguero; the president of Argentina, Alberto Fernandez; in addition to several journalists and political figures argentine are among the personalities exposed on Twitter.
After the exposure on Twitter, cybercriminals announced a kind of query of any Argentine citizen in this database, in a cybercriminal forum quite popular on the shallow internet.
Argentine government denies leak
As The Record found out, Renaper recognizes unauthorized access to your systems, but denies that your databases have been fully compromised and also denies any possible data leakage. In a statement in response to the exposure of Argentine personalities on Twitter, the agency said its “database has not suffered any data breaches or leaks”.
However, he explains that his security team investigated the case and found that “19 images [internas do Renaper] were consulted at the exact moment they were published on the social network from an authorized VPN connection between Renaper and the Ministry of Health, and all the images had been recently consulted from that same link”.
“That link would have made several individual queries to the Renaper databases between 15:01 and 15:55 through the SID data validation service which, once the person’s ID and gender is invoked, returns to the person querying all data printed on the National Identity Card, including image and other personal data, which were immediately uploaded to the Twitter social network, without the consent of the holder“, concludes Renaper in the statement.
The Record informs that spoke with the author of the ad in the cybercriminal forum, who claims to have a copy of the entire database of Argentine citizens’ records, contradicting the Government’s statement. As proof of this, cybercriminals have promised to expose another 1 or 2 million Argentines.
Sources: the record; Renaper; TheHack.