KelvinSecurity Hacking Group Sells 13GB of Files on Mexican Political Party Morena

Miklos Zoltan

By Miklos Zoltan . 2 September 2023

Founder - Privacy Affairs

Hacking group KelvinSecurity is currently claiming to possess and sell 13GB of data and information about the Mexican political party MORENA. They made the announcement on their forum and on the Dark Web.


  • KelvinSecurity is selling information about MORENA from 2016 to 2023
  • The files include information about militants, party members, financial managers, and campaign financing
  • It is to be expected that KelvinSecurity will sell this 13GB informational package on the Dark Web, as they usually do
  • MORENA has issued no statement about the informational leakage yet

KelvinSecurity, a well-known hacking group, has announced that they’ve gotten their hands on 13GB worth of private information about MORENA.

Morena Hack

The National Regeneration Movement, as most will know it, is the political party of the current president of Mexico. KelvinSecurity claims it possesses information about the party’s financial managers, members, militants, and financial data.

The hacking group is known to target both national and international platforms. They don’t appear to be politically-driven nor do they target anyone specifically. This makes it harder for authorities to foresee future attacks.

Previous Attacks by KelvinSecurity

KelvinSecurity is a notorious data seller on the Dark Web. They provide valuable data to cybercriminals and hackers alike. They’re data brokers, simply put.

They’re best known for attacking Vodafone Italy, and the German Institute of Global and Area Studies (GIGA).

From the latter, they’ve stolen Drupal databases and SQL, up to 1GB of confidential data about the staff and employees of the educational institution.

They’ve also attempted to sell information about the Ecuador Armed Forces in one of the biggest data breaches in recent times. They leaked information about the external and internal defenses, war strategies, soldiers, and secret documents.

As a data broker and informer, KelvinSecurity is often responsible for providing initial access to cybercriminals to high-value targets. They help them exploit vulnerabilities and gain unauthorized access to various systems.

The group has already established itself as a valuable information broker for the Dark Web. They generally don’t engage in full-fledged attacks but instead facilitate these breaches to other, more active groups.

There also doesn’t seem to be a pattern to their attacks. At one time, KelvinSecurity exposed the BMW customer database and the Frost & Sullivan databases.

They hail themselves as business intelligence contractors but their history is clouded in less legal activities. As with the MORENA data sell-out, it seems they’re not afraid to stoop low to achieve their goals.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment