Data leak from the Secretariat for National Emergencies in Paraguay
ElevenPaths’ analyst team presents the case of the Secretariat for National Emergencies in Paraguay which suffered a data leak on 26 August.
The platform of the Secretariat for National Emergencies (SEN) of the Republic of Paraguay, the governing body of all activities within the context of risk management and reduction in the region, was compromised on the 26 August when a dump leaked more than 48,000 lines of their database. Although the vast majority of the data was of an organisational nature, personal information was also divulged as the leak involved telephone numbers and addresses of clients, employees and suppliers, as well as other particularly protected content.
The Twitter account @Sc0rp10nGh0s7 responsible for the leak is a hacktivist one, given that it contributes to the disclosure of information related to different Anonymous operations. In addition, this profile currently seems like it is of the current leader of the Shad0w Security organization, created in June 2016 after leaving the Ghost Squad Hackers group.
Our analysts emphasize that the governmental nature of the exposed profiles means that full precautions must be taken if we take into account the access which these accounts might have to confidential information.