Private and sensitive information of more than one million members Argentina’s various military services was leaked on the dark web and various hacking forums.
On 26 September 2021 a user on a popular hacking related forum claimed to possess sensitive information of more than 1 million members of various military branches and institutions of Argentina.
Update – 13 October: The same hacker claims to sell sensitive ID card data on millions of Argentinians as well as access to internal government communications network.
The user in question claimed to have obtained said data from unidentified dark web hackers. The data in question is being distributed on various dark web sites and hacking forums apparently free of charge.
It is unclear how the hackers have obtained this data but based on previous similar incidents it likely involves the penetration of one or more Argentine government run websites and databases.
Update 30 September 2021: Based on the initial report published by Privacy Affairs, the Argentinian publication La Nación managed to receive confirmation from IOSFA (Institute of Social Work of the Armed Forces) that the database leak did indeed take place.
However, the government agency points out that the leak did not happen to due to a cyber attack. It was further pointed out that the leaked data is outdated and incomplete. An investigation is underway, according to the IOSFA.
This is how the forum posting looked like (sensitive information was redacted to protect privacy of affected individuals):
The data available claims to contain information on a total of 1,193,316 Argentine military servicemen and employees of various national defence agencies.
The data purports to contain the full names, civil status, gender, precise address, telephone numbers, email and rank of the affected individuals. The leak – if genuine – may be affecting the privacy of more than one million individuals.
The following Argentine institutions seem to be affected:
- Argentine Naval Prefecture (Spanish: Prefectura Naval Argentina)
- Argentine Army (Spanish: Ejército Argentino)
- Argentine Air Force (Spanish: Fuerza Aérea Argentina)
- Argentine Navy (ARA; Spanish: Armada de la República Argentina)
- Argentine National Gendarmerie (Spanish: Gendarmería Nacional Argentina)
- Ministry of Defense (Spanish: Ministerio de Defensa)
String of law enforcement & military leaks
This new leak follows an earlier one from approximately two weeks ago that claims to contain sensitive information on around 13,000 members of the Argentine Police.
While it seemingly does not affect as many individuals as the Defence Ministry leak, this one also contains facial records (images) of the affected law enforcement personnel along with their full names.
The hackers claim to have obtained this data due to it being exposed after a bad indexing configuration during a fuzzing. Fuzzing is an automated software testing technique involving providing unexpected and invalid or random data to a computer application. It’s usually used to expose bugs and break-points in a system.
Another leak reported in September was the one affecting the El Salvador National Police. During that leak personal information of more than 30,000 members of the El Salvador National Police were dumped on various dark web forums.
This time the source of the breach appeared to be the infamous hacking group FocaLeaks known for the hacking of various government agencies and institutions through the last few months.
Note: Due to legal reasons, Privacy Affairs was unable to verify the authenticity of the data. This is a report on claims made by various anonymous persons on different dark web forums.
Accessing such information, even for verification purposes, may violate Argentinian laws, as such we were unable to verify the information’s authenticity.