DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Bits ‘n Pieces (Trozos y Piezas)

Posted on September 23, 2022 by chum1ng0

Cl: Guacamaya Group leaks emails from Joint Chiefs of Staff

El Estado Mayor Conjunto De Chile (EMCO), the advisory body of the Chilean Ministry of Defense, was the victim of a data leak. Thousands of emails were leaked online by the hacktivist group, Guacamaya in “Operation Repressive Forces. About 10TB of emails from military and police organizations from several countries were leaked, including the Secretariat of National Defense of Mexico, the National Civil Police of El Salvador, the General Command of the Armed Forces of Colombia, the Armed Forces of El Salvador, the Joint Command of the Armed Forces of Peru, and the Army of Peru.

The government issued a public statement on September 21 (translation):

In view of the known facts related to the security breach of the Joint Chiefs of Staff e-mails, the President of the Republic has instructed the Minister of National Defense to return to the country to lead the response to these facts.

The Government has ordered an administrative inquiry to determine the corresponding responsibilities. Additionally, the background information has been made available to the military justice system to initiate a criminal investigation.

Ar: Everest Group sells access to Argentina’s Ministry of Economy

On September 20, a sales listing by “Everest” appeared in a popular hacking-related forum for network access to the Ministry of Economy of Argentina.  The listing also claimed that the sale included access to various financial instruments and software of the ministry. It did not mention using any guarantor or middleman and gave a Tox ID for contacts/chat. Using a guarantor or middleman generally inspires more confidence in would-be buyers that a listing is not a scam, especially when the seller is either new or does not have a well-established reputation on the forum.

When contacted on Tox, Everest did not respond, but on September 21, the listing appeared on the Everest ransomware group site. When contacted via email, Everest informed DataBreaches that the sale price was $35,000.

Clarin reports the ministry denounced the possible hacking and has opened a criminal investigation into Everest. At the same time, they investigate to determine if there has been any unauthorized access to their databases or theft of any information:

“Although our technical areas have not yet been able to detect illegitimate access to our databases or the theft of passwords or information, the truth is that the public offer made makes it essential not only to carry out an exhaustive internal investigation in progress, but also the promotion of the pertinent judicial investigation for the possible existence of crimes of public action that could directly affect the interests of the National State”, says the complaint signed by Ricardo Casal.

Es: Sparta Blog attack on Sercom Informatica SL potentially affected Puigcerda Hospital

Sparta Blog recently listed Sercom Informatica SL on their leak site. They also provided samples of files exfiltrated from Sercom customers, including the Hospital Puigcerda.

Although the sample was small, it revealed IP addresses, passwords in plain text, domains, subdomains, and staff emails (IT).

DataBreaches sent email inquiries to the hospital to ask if they were aware of any cyberattack on their IT provider and if their data had been acquired. No reply was received.

DataBreaches also attempted to get more information from Sparta Blog, but they did not reply.


Additional reporting and editing by Dissent.

 

 

 

Category: Government SectorHackHealth DataNon-U.S.

Post navigation

← Bjorka, the Online Hacker Trying To Take Down the Indonesian Government
Hackers steal South Carolina fire department’s paychecks →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Rajkot civic body’s GIS website hit by cyber attack, over 400 GB data feared stolen
  • Taiwan’s BitoPro hit by NT$345 million cryptocurrency hack
  • Texas gastroenterology and surgical practice victim of ransomware attack
  • Romanian Citizen Pleads Guilty to ‘Swatting’ Numerous Members of Congress, Churches, and Former U.S. President
  • North Dakota Enacts Financial Data Security and Data Breach Notification Requirements
  • Pro-Ukraine hacker group Black Owl poses ‘major threat’ to Russia, Kaspersky says
  • Vanta bug exposed customers’ data to other customers
  • Lyrix Ransomware Targets Windows Users with Advanced Evasion Techniques
  • Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open
  • Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Florida ban on kids using social media likely unconstitutional, judge rules
  • State Data Minimization Laws Spark Compliance Uncertainty
  • Supreme Court Agrees to Clarify Emergency Situations Where Police Don’t Need Warrant
  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.