The Mexican government has fallen victim to a hack reportedly done by “Guacamaya” threat actors.
Mexican government falls victim to hack.
Reuters reports that the Mexican government has fallen victim to a cyberattack. The data compromised belonged to the Defense Ministry, and included information about the president’s health condition.
Other information contained in the hack included information about criminals, transcripts of communications, and information monitoring the US ambassador to Mexico. The hack revealed that the president, Andres Manuel Lopez Obrador, has been diagnosed with angina, and had 10 medical appointments in January.
It may have been a hacktivist action. The group has been identified as “Guacamaya,” or “macaw” in Spanish. The Record by Recorded Future reports that Guacamaya is an environmental collective, and documents released were stolen from a few different agencies within Latin American countries, including “Secretaría de la Defensa Nacional in México, the Policía Nacional Civil in El Salvador, the Comando General de las Fuerzas Militares in Colombia, the Fuerza Armada in El Salvador and the Ejercito of Peru.”
“I understand that this group has already done the same thing in other countries, I think in Colombia and in Chile. That is why I think that it is something that is being directed from abroad,” said President Lopez Obrador.
Guacamaya is reported to have used ProxyShell, a group of Microsoft vulnerabilities, to gain access to the military’s systems. The president said that he has no fear of damaging information coming out from the leaks, as the government has nothing to hide.
“If we hid things, if we were promoting corruption, violating human rights, repressing the people, then yes, we would have to hide information.”