In the last hours the National Registry of Persons (RENAPER), the state body in charge of the identification and registration of individuals in Argentina, was a trend in social networks due to an alleged hack in which the data of more than 45 people had been leaked. millions of DNI. Several users reported that criminals had sold personal data, although the agency denied it.

Faced with concern, they issued a statement in which they reported: “A criminal complaint was formalized yesterday before the Federal Criminal and Correctional Court No. 11 Secretary No. 22 after detecting that, through the use of keys granted to public bodies, in this case the Ministry of Health, images were leaked as belonging to personal procedures carried out at the Renaper “.

In addition, they clarified: “From the agency dependent on the Ministry of the Interior it was confirmed that it was an improper use of the user or theft of the user’s password, and that the database did not suffer any data breach or leak”.

According to the investigation released by the Renaper, on Saturday, October 9, the entity was alerted that a Twitter user identified by the name of @aniballeaks – an account that was reported and is currently suspended – had published the images of 44 people, among which were officials and public figures of knowledge in general.

THE COMPLETE RELEASE OF RENAPER

The National Registry of Persons (Renaper) yesterday formalized a criminal complaint before the Federal Criminal and Correctional Court No. 11 Secretary No. 22 after detecting that, through the use of passwords granted to public bodies, in this case the Ministry of Health, images were leaked as belonging to personal procedures carried out at the Renaper. From the agency dependent on the Ministry of the Interior it was confirmed that it was an improper use of the user or theft of the user’s password, and that the database did not suffer any data breach or leak.

On Saturday, October 9, the Renaper learned that a Twitter user identified by the name of @aniballeaks – an account that was reported and is currently suspended – had published the images of 44 individuals on said social network, including they found officials and public figures of knowledge in general.

Confirming what happened, the Renaper IT security team made a query on the 44 people involved in order to survey the last consumptions made through the use of the Digital Identity System (SID) on said profiles, detecting that 19 images had been consulted in the exact moment they were published on the social network Twitter from an authorized VPN (Virtual Private Network) connection between ReNaPer and the Ministry of Health of the Nation, and all the images had recently been consulted from that same connection.

Said connection would have made several individual queries to the Renaper databases between 15:01 and 15:55 through the SID data validation service which, once the person’s DNI and Sex are invoked, returns to the person who consults all the data printed in the National Identity Document, including image and other personal data, which were then immediately uploaded to the social network Twitter, without the consent of the Holder of the same.

After this preliminary analysis, the specialists confirmed, an unauthorized entry into the systems or a massive leak of data from the agency was ruled out outright.

Likewise, it was detected that an individual authorized user had improperly used the identity validation service for personal purposes through an authorized certificate from the Ministry of Health of the Nation, connecting through the corresponding VPN, with username and password.

Disclaimer: If you need to update/edit/remove this news or article then please contact our support team Learn more

Leave a Reply