[ad_1]
Hackers revealed hundreds of thousands of confidential passport information following a cyberattack on Argentine immigration authorities. Swiss tourists are also affected by data theft.
According to various sources, the attack occurred on August 27. The hackers had used a computer virus to access around 3 gigabytes of data on the computers of Argentine immigration authorities. Shortly after, the attackers reported to the authorities and claimed that the data was encrypted. They asked for a $ 4 million ransom.
The authorities apparently did not comply with the request. As a result, the hackers published a 2 gigabyte file on the Internet, as reported in unison by the Argentine newspaper “Clarín” and Bayerischer Rundfunk. Both media had access to this file.
Data also of migrants and secret service employees
On the one hand, the file contains data on migrants, refugees and employees of the Argentine government. On the other hand, passport numbers, dates of birth and travel information of hundreds of thousands of tourists from, among others, Germany, Israel, France and Canada have been published from 2013 to 2020. Travelers from Switzerland are also affected, as confirmed by the Federal Department of Foreign Affairs (FDFA) upon request.
The publication could have consequences for migrants and refugees, because countries of origin can use it to obtain data that would not otherwise be accessible to them. According to the newspaper “Clarín”, the data record also contains the names of the employees of the Argentine secret service who request to reset their password. For tourists, data theft can have unpleasant consequences because the data could be used for identity theft. Criminals could use it to open accounts with online banks on behalf of the injured party.
The Migration Office relativizes the scope of data theft
Argentine immigration authorities confirmed the attack on August 27, the day of the attack, with a notice on their website. At the time, however, the authority denied that the data had actually been stolen. On September 12, the Migration Office reversed this statement via Twitter, but put the damage of the attack into perspective.
Only about one percent of the annual data volume is affected. The database itself was not compromised. Work is being done to improve the security of IT systems in order to prevent further attacks.
It is not clear who is behind the attack. According to information from Bayerischer Rundfunk, the attackers used the Netwalker ransomware, which was developed by hackers from Russian-speaking countries. “Clarin” informs that the server on which the data was uploaded is located in Dnepropetrovsk, Ukraine.