An alleged cybercriminal claims that he stole the personal data of more than 45 million citizens from the National Registry of Persons. What data did you expose
The photos of the DNI of several dozen of personalities recognized in the country were published this weekend under a Twitter account with the name of “HannibalLeaks “.
Is about an alleged cybercriminal who claims that he hacked and stole personal data of more than 45 million citizens from the National Registry of Persons (RENAPER).
The account @aniballeaks was created on Twitter on September 25. Although today it is suspended, at that time it had published the leak of information of 1,200,000 members of the Armed and Security Forces of Argentina, stolen from a database of a social work.
Account is currently suspended
“All the personal data of the Gendarmerie, Army, Naval Prefecture, Navy, Air Force, Ministry of Defense> 1,193,316 records”, was the first message from said user.
This weekend the Twitter profile “AníbalLeaks” was reactivated and spread ID photos of personalities such as Alberto Fernández, Marcelo Tinelli, Lionel Messi, Máximo and Florencia Kirchner, Elisa Carrió, Sandra Arroyo Salgado and Alberto Nisman, Jorge Lanata, Nelson Castro and Alfredo Leuco, among others. The person behind that account adopted the name Fr3d3r1c.
I do not have all the captures, but among the politicians were Aníbal Fernández (with cell phone number included), Máximo Kirchner, Pichetto, Wado De Pedro, Carrió, Santilli, Larreta, Vidal, Parrilli, Santiago Cafiero, Patricia Bullrich and several others. pic.twitter.com/amIzy3w9VM
– Javier Smaldone (@ mis2centavos) October 10, 2021
Different specialized sites targeted a user of a site that serves as an underground market, a forum in which hackers offer their services and the data they obtain in their attacks. The user uses the nickname “CFK”, also responsible for the leakage of data from the Institute of Social Work of the Armed Forces and Security (IOSFA).
Some of the famous “DNI Gate”
RENAPER criminal complaint
RENAPER filed a criminal complaint with Federal Criminal and Correctional Court No. 11. According to the state agency, “through the use of keys granted to public bodiesIn this case, the Ministry of Health, images were leaked as belonging to personal procedures carried out at the Renaper. From the agency dependent on the Ministry of the Interior it was confirmed that it was an improper use of the user or theft of the user’s password and that the database did not suffer any violation or leak “.
“On Saturday, October 9, the Renaper learned that a Twitter user identified by the name of @aniballeaks – an account that was reported and is currently suspended – had published the images of 44 individuals on said social network, among whom were officials and public figures of knowledge in general, “says the letter.
And he adds: “The Renaper computer security team made a query about the 44 people involved in order to survey the latest consumptions made by using the Digital Identity System (SID) on said profiles, detecting that 19 images had been consulted in the exact moment they were published in the red social Twitter from an authorized VPN (Virtual Private Network) connection between ReNaPer and the Ministry of Health of the Nation, and all the images had recently been consulted from that same connection “.
This is unprecedented data theft
This is an unprecedented hack since the RENAPER database contains the private data of all the inhabitants of the country.
It is an event of even greater magnitude than the one carried out last year by the National Directorate of Migration, since on that occasion only the data of those who entered or left the country had been filtered.
Indeed, the “DNI Gate” would affect the 45 million inhabitants of the territory who have a national identity document, since they have been leaked:
- Document numbers
- Procedure number (used for procedures such as obtaining an online credit)
- Dates of birth
- Cell phone numbers in some cases (in networks it is stated that the telephone number of the Minister of Security, Aníbal Fernández, was disseminated)
Beyond the attack on the privacy of users, they are also left defenseless against identity theft, since the DNI processing number is required for the granting of online credits. It is also possible that virtual kidnappings take place.