Hacker Scammed And Stole The Data Of All 45 Million People In Argentina


The citizens of Argentina have suffered a collective data breach, after a government network was compromised by a hacker, who stole a treasure trove of data from it.

And at this time, it is said that the hacker is selling the information to whoever wish to buy it through an cybercriminal underground forum.

According to reports, it is said that the person managed to hack into Argentina's National Registry of Persons (RENAPER or Registro Nacional de las Personas), and stole sensitive information of all 45 million citizens in Argentina.

"I sell all the data in the National Identity Document (DNI) of every person in Argentina," the hacker wrote.

The data the alleged person stole, include names, home addresses, birthdays, Trámite numbers, citizen numbers, government photo IDs, labor identification codes, ID card issuance and expiration dates.

This kind of data is a potential goldmine of personal data for future exploits, scams and also attacks.

The hacker confirmed how easy it was to break into Argentina's National Registry of Persons, saying that it was "careless employees" that allowed him into the system.

45 million Argentinians hacked
A post on a hacker forum showing a thread where the hacker sells the stolen data of all 45 million people in Argentina.

Argentina’s RENAPER, which stands for Registro Nacional de las Personas, is the national registry for its citizens.

The agency is a crucial part of the Argentinian Interior Ministry, where it is tasked with issuing national ID cards to all of Argentina's population.

The ID card data the agency issued, is stored in a database that can be accessed by other RENAPER branches, as well as other agencies of the Argentinian government.

In all, RENAPER acts as the backbone for most government queries for citizen’s personal information.

The hack and leak first surfaced when someone who went by the name @aniballeaks published ID card photos and personal details of 44 Argentinian celebrities, including footballers Lionel Messi and Sergio Aguero.

The data also included the ID card details of the country’s president Alberto Fernández, a number of other political figures, as well as journalists.

The hacker did this to attract attention.

Following the revelation, the hacker posted an ad on a well-known hacking forum, offering a way to look up for personal details of any Argentinian.

When reached, the government of Argentina denied that the National Registry of Persons had been hacked.

But the statement that was released on October 13th, also said that a VPN from someone within the Ministry of Health had been used to access the Digital Identity System, right before the Twitter account leaked the initial data on the high-profile Argentines.

"The National Registry of Persons (Renaper) yesterday formalized a criminal complaint before the Federal Criminal and Correctional Court No. 11 Secretary No. 22 after detecting that, through the use of passwords granted to public bodies, in this case the Ministry of Health, images were leaked as belonging to personal procedures carried out at the Renaper. From the agency dependent on the Ministry of the Interior it was confirmed that it was an improper use of the user or theft of the user's password, and that the database did not suffer any data breach or leak.

On Saturday, October 9, the Renaper learned that a Twitter user identified by the name of @aniballeaks - an account that was reported and is currently suspended - had published the images of 44 individuals on said social network, including they found officials and public figures of knowledge in general.

Confirming what happened, the Renaper IT security team made a query on the 44 people involved in order to survey the latest consumption made through the use of the Digital Identity System (SID) on said profiles, detecting that 19 images had been consulted in the exact moment in which they were published on the social network Twitter from an authorized VPN (Virtual Private Network) connection between the Renaper and the Ministry of Health of the Nation, and all the images had recently been consulted from that same connection.

After this preliminary analysis, the specialists confirmed, an unauthorized entry into the systems or a massive leak of data from the agency was ruled out outright."

45 million Argentinians hacked
Argentina's President Alberto Fernández, when he tested positive for the 'COVID-19' coronavirus. The President is among the 45 million Argentinians who had their data leaked.

The Argentinian government confirmed the breach three days later.

In response, and to also help suppress the influence of the hacker, Twitter suspended the account @aniballeaks, banning the hacker from using Twitter indefinitely.

Before this incident, the most famous hacking and leak was the 'La Gorra', where hundreds of gigabytes of data was stolen from the servers of the Argentine Federal Police.