CERT-MX suffers credibility #FAIL, accuses DataBreaches.net of disclosing unauthorized info.

Is Mexico’s CERT / Guardia Nacional suffering from heat exhaustion, bad AI, or political pressure? How else can we explain their bizarre attempt to take down this site? 

Long-time readers of this site know that over the past 16 years or so that I have been blogging, I have been the recipient of all kinds of legal and non-legal threats to chill this site’s reporting or commentary on breaches. None of the legal, quasi-legal, or downright nutty threats or demands have ever stopped me and none have prevailed.

Last night, the latest installment of “Don’t Shoot the Messenger” arrived in my inbox.

It seems CERT-MX on behalf of Guardia Nacional of Mexico filed a complaint that this site allegedly violated their copyright and put people at risk. From their email to my hosting provider:

CERT-MX assigned to the Coordination for the Prevention of Electronic Crimes of the National Guard has been notified that the IP address [redacted by DataBreaches.net] is a site that discloses unauthorized information, this site puts the information security of its victims at risk of be victims of fraud and identity theft.

We appreciated that you can help us to cease this activity. A soon as possible please put on “clienthold”

Please kindly send us a confirmation email once these fraudulent domains have been disabled.

Thank you for your cooperation in preventing additional fraud.

So for starters, there was no “clienthold” imposed. In fact, my host just passed along the email and said I didn’t have to do anything as far as they were concerned.  But let’s continue, because I want you all to see how absurd the entire request/demand was.

The following are the seven urls that CERT-MX claimed violate copyright and put people at risk of fraud and identity theft.

1. https://www.databreaches.net/mexicos-economy-ministry-hit-by-cyber-attack/
2. https://www.databreaches.net/ransomware-puts-new-mexico-prison-in-lockdown-cameras-doors-go-offline/
3. https://www.databreaches.net/mx-el-instituto-nacional-de-medicina-genomica-inmegen-hit-by-cyberattack/
4. https://www.databreaches.net/a-second-inadequately-secured-mexican-voter-list-exposes-data-on-more-than-2-million-voters/
5. https://www.databreaches.net/movimiento-ciudadano-admits-responsibility-for-mexican-voter-data-leak-on-amazon/
6. https://www.databreaches.net/amazon-denies-movimiento-cuidadanos-claim-that-they-were-hacked/
7. https://www.databreaches.net/university-of-new-mexico-foundation-notifies-community-of-data-breach/

I’ll wait over here for a minute while you go check out those posts. My response for each of the urls, in the order as above:

1. A post from February 2020 that was an excerpt from a Reuters news article. Is Guardia Nacional trying to claim copyright over Reuter’s reporting? And how does that excerpt put any individual at risk of fraud or identity theft?
2. A post from January 2022 that contained an excerpt from an article in The Register. Is Guardia Nacional trying to claim copyright over The Register’s reporting, too?  And did you notice that this article is not even about Mexico but about NEW MEXICO, a U.S. state? What on earth was CERT-MX thinking?
3. A post from September 2021 which contains original reporting on a cyberattack on a Mexican government agency. Is Guardia Nacional claiming that they are the author and copyright holder over my reporting which is copyright DataBreaches.net?  And can CERT-MX show how that post increases the risk of people becoming victims of fraud or identity theft? To the contrary: that post warns people about an attack that might have put them at risk and that they might not otherwise know to take precautions about.
4. A post from May 2016 concerning a breach involving a Mexican voter database. The reporting doesn’t reveal any individual’s personal information and the leak was a newsworthy story to report. DataBreaches.net published a number of posts concerning voter database leaks in both the U.S. and Mexico to increase public and government awareness of the risks to people’s privacy and security.
5. An earlier (April 2016) post about the leaking Mexican voter database that Chris Vickery had discovered. This story involved an attempted coverup that DataBreaches reported on and pursued. No voters had their information exposed or put at risk by DataBreaches.net. The only people at risk were the people who lied to the government and the press as to how the data were exposed.
6. Another post from April 2016 on the Movimiento Cuidadano leak of a voter database and the attempted coverup.
7. An excerpt from a post in May 2017 about news concerning the University of New Mexico Foundation. NEW MEXICO, not Mexico, CERT. Nothing to see here, CERT-MX. Move along.

So what we seem to have is someone trying to get old posts about a Mexican voter database leak removed and throwing in a couple of other posts as cover — even if two of the other posts don’t even have anything to do with Mexico.

Guardia Nacional/CERT-MX seems to be misusing DMCA to claim copyright infringement and that this site puts people at risk of fraud or ID theft.

The only people DataBreaches put at any kind of risk were the people who lied about how a leak involving a voter database occurred.  And even then, DataBreaches did not put them at risk of fraud or ID theft. At worse, the reporting may have put them at risk of political harm — which was self-inflicted harm on their part.

And perhaps CERT-MX does not know this, but INE (Instituto Nacional Electoral) had thanked DataBreaches for this site’s reporting on Mexican voter database leaks to help shine the light on the need for better data protection. INE did not see this site as posing any risk of fraud or ID theft to Mexican citizens. Why is CERT-MX trying to claim otherwise six years later?

So to recap:

Two of the allegedly infringing articles have nothing to do with Mexico or Guardia Nacional at all. Is CERT-MX using AI to find links to file takedown notices about? If so, it needs to manually review its AI results to eliminate “NEW MEXICO” results.

The other urls all dealt with news stories in Mexico but did not leak any personal information nor link to any personal information. And as noted above, Mexico’s INE thanked DataBreaches.net for this site’s reporting and providing them with information to assist them in their investigation.

So, CERT-MX, I think you have DataBreaches’ answer now: NONE of the urls infringe on any Guardia Nacional copyright and NONE of the urls put citizens at increased risk of fraud or identity theft. The people who LEAKED or HACKED data put people at risk. This site simply alerted voters and consumers to the risk caused by others.

Finally, CERT-MX / Guardia Nacional:  a written apology to my host from you for your unfounded and defamatory claims is in order.