A hacker (or hackers) has stolen the identity records for 45 million Argentinians. This hack took place (last month) in Sept 2021 by targeting the “Registro Nacional de las Personas” (RENAPER). RENAPER issues all national ID cards to the citizens of Argentina.
Where is Argentina? It’s on the southern end of South America, and very close to Antartica.
So we know this leak is real as the alleged perpetrator is publishing samples of the data on Twitter using a newly registered account @AnibalLeaks (Suspended). Anibal has started leaking details of Argentinian celebrities, the country’s president and multiple journalists, political figures, soccer stars and more.
So what is the data format?
- idtramiteprincipal (Processing #)
- idtranmitearjetareimpresa (Processing # on card)
- ejemplar (Copy)
- vencimiento (Expiration date)
- emision (Data of issue)
- appellido (Surnames)
- nombres (Names)
- fechaNacimiento (Birthdate)
- cuil (Unique labor identification code)
This is how an Argentinian ID/s looks like:
Estimated quantum of data leaked should be 45M records x 15 fields x 1Kb/field = ~675GB.
Government authorities are investigating eight government employees about having a possible role in the leak. A VPN (Virtual Private Network) account assigned to the Ministry of Health was used to query the RENAPER database and could be a possible attack vector.
Where to now?
The hacker continues to blackmail RENAPER with a threat to trickle-publish the data including the “Trámite” numbers, and Photo IDs. This could seed the beginnings of a Facebook alternative for Argentina. Say renaperbook.com?