[BreachExchange] Hacker posts over 4, 000 sensitive documents from Mexican embassy

Destry Winant destry at riskbasedsecurity.com
Mon Apr 22 10:16:00 EDT 2019


https://www.engadget.com/2019/04/19/mexico-embassy-guatemala-hack-leaked-documents/

Thousands of documents containing sensitive information belonging to
Mexico's embassy in Guatemala were leaked online this week by a
hacker. The stolen cache contained more than 4,800 files related to
the embassy's activities including its dealings with personal
documents belonging to Mexican citizens. The hacker, identified on
Twitter as @0x55Taylor, published the data online after the embassy
failed to reply to his attempts at making contact. The files were
eventually pulled offline by the cloud storage company used to host
them, but TechCrunch was able to confirm the authenticity of the
documents.

The hacker got ahold of the trove of documents after discovering the
server hosting the files suffered from a security vulnerability and
was compromised. After downloading the files, he found scans of
passports, visas, birth certificates and other personal documents --
some of which belonged to Mexican citizens and diplomats. Letters
granting rights, privileges and immunities to embassy staff were also
found in the stash, as well as documents showing staff medical
expenses, vacation time and other administrative information.
0x55Taylor reportedly attempted to contact Mexican officials about the
issue but was ignored. While leaking the files online is one way to
get the attention of people, it also puts the victims of the leak at
risk by further exposing private information.


More information about the BreachExchange mailing list