A hacker boasted, with screenshots, that he actually has the information of millions of Mexicans.
According to Publimetro, a hacker identified as Ackerman put up for sale a database that allegedly contains personal and sensitive information of 12 million Mexican nationals.
The data would have been obtained after compromising the security of the federal government’s employment.gob.mx website.
Ackerman made the publication in the same forum ( Breachforums ) where in January of this year the personal data of more than two hundred journalists who attended the morning conference of President Andrés Manuel López Obrador were leaked too. According to the hacker , he obtained the information through the personal account of a Ministry of Labor and Social Welfare worker.
The sale of this database, without specifying the cost, began on February 21 at 3:45 p.m. The seller suggests contacting interested pareties through his personal Telegram account for more information on how to access the database.
Ackerman details that the database includes information such as the full name of the person registered on the platform, telephone number, email, age, gender, and socioeconomic level.
In addition, the database contains the Unique Population Registration Code (CURP) of those who registered at empleo.gob.mx looking for employment or offering job opportunities. The site currently has active 104,646 job offers, depending on the platform.
In the publication, the hacker indicates that he has data on each person’s previous jobs, academic information, job skills and all the details provided by candidates in their job search.
To support his claim of database access, Ackerman includes screenshots that reveal some people’s personal data, such as CURP , full name, date of birth, nationality, gender, personal phone number, and even a photograph in some cases.
How did the hack become known?
Víctor Ruiz , a certified cybersecurity instructor, was the one who discovered the sale of the database that contains personal information of millions of Mexicans. In X’s personal profile, he warned about the situation and urged the STPS and the National Employment Service (SNE) to provide information to citizens about what happened.
Following Víctor Ruiz ‘s notice , at Publimetro we reviewed the hacker’s information, who has a total of nine active publications. In addition to selling data from the Mexico base, he also makes posts where he acquires Spain databases and sells premium Netflix accounts.
⚠️🇲🇽Alerta: Presuntamente a la venta los datos de 12 millones de mexicanos registrados en el Portal del Empleo (https://t.co/dg0laCP2Kv) que incluye información personal, contacto, empleos previos, ingresos, CURP. Se le solicita a la #STPS y al #SNE que informen a la ciudadanía. pic.twitter.com/sw9sm886l4
— Víctor Ruiz (@victor_ruiz) February 23, 2024
Until 9:45 a.m. this Friday, February 23, Ackerman ‘s publication remained active without alterations. This publication includes a message about the price of information obtained illegally, which has not yet received a response.
This article has been translated from Ignacio Gomez Villaseñor´s editorial piece posted in Publimetro, on February 23, 2024. Gomez Villaseñor is a communicator and journalist specialized in politics and corruption; collaborator in research studies at a national and international level, co-author of several publications, and constant student of advanced Artificial Intelligence (AI) technologies.
TYT Newsroom