Exploit: Hacking
Registro Nacional de las Personas (RENAPER): National Identity Database
Risk to Business: 1.232=Extreme
Hackers have broken into the Argentina Interior Ministry’s IT network and stolen a massive amount of data from Registro Nacional de las Personas (RENAPER)/National Registry of Persons. That extremely sensitive database contains ID card details for the country’s entire population. The leak was announced when a Twitter user posted ID card photos and personal details for 44 Argentinian celebrities including the country’s president Alberto Fernández and soccer superstars Lionel Messi and Sergio Aguero. While the Argentine government admits to the hack, they maintain that no data was stolen. However, cybersecurity experts and journalists were able to contact the threat actors through a dark web posting and confirm the authenticity of the database. The hackers appear to have gained access through a compromised VPN.
Risk to Business: 1.222= Extreme
According to a sample provided by the hacker online, the information they have access to right now includes full names, home addresses, birth dates, gender info, ID card issuance and expiration dates, labor identification codes, Trámite numbers, citizen numbers, and government photo IDs.
Customers Impacted: The population of Argentina is 45 million
How it Could Affect Your Customers’ Business A strong security culture helps reduce the likelihood of an incident caused by employee carelessness as this one reportedly was.
Source: The Record