Twitter Pulls Account After Argentinian Mega Breach Claims

Twitter has suspended the account of an individual who claims to have obtained an ID card database covering the entire population of Argentina.

The hacker behind @aniballeaks claimed to have infiltrated the government’s Registro Nacional de las Personas, or Renaper registry, last month and took to the social media site to publish personal details on over 40 Argentinian celebrities including Lionel Messi.

According to Recorded Future, the individual also posted an ad on a well-known cybercrime forum claiming to have the details of over 45 million Argentinians – including ID card photos, full names, processing numbers and more. These could be used to create false ID cards, they said.

The Argentinian government responded last Wednesday, denying it had been breached and saying the individual was able to obtain access to the 44 celebrities by obtaining a staff member’s VPN password.

“After this preliminary analysis, the specialists confirmed, an unauthorized entry into the systems or a massive leak of data from the agency was ruled out outright,” it concluded.

However, the threat actor told Recorded Future that they do indeed have the full database and plan to release data on a million or two Argentinians to prove it over the coming days.

It remains to be seen whether they have the entire trove or are simply trying to drum up publicity and interest from potential buyers.

In related news, Twitter was also forced this week to suspend several accounts linked to North Korean hackers who have been posing as security researchers.

Google Threat Analysis Group analyst Adam Weidermann claimed that accounts @lagal1990 and @shiftrows13 were “leaning on the hype of zero days to gain followers and build credibility.”

In April, the North Korean group was observed creating a new fake company, website and social media accounts to lure victims interested in collaborating with the fake ‘researchers.’

What’s Hot on Infosecurity Magazine?