The data breach exposed personal information, contact details (i.e. names, addresses, emails, phone numbers, Facebook and Twitter accounts), and private documents of a large number of individuals.
The hackers breached the Argentinian Ministry of Industry website produccion.gob.ar by gaining access to an administrator account. The hackers confirmed that the login credentials used to protect the website are very weak demonstrating the poor level of security at the Argentinian Ministry.
Kapustkiy shared evidence of the data breach and provided the credentials for the admin panel that allowed the hackers accessing to personal information of employees and documents belonging to the ministry.
“When I was in the admin panel. I managed to download all the files that they got.”Kapustkiy told me.
According to Kapustkiy, the overall archive includes approximately 18,000 accounts, he confirmed that he will not leak the stolen data to protect the users of the Argentinian Ministry of Industry website.
Kapustkiy reported the data breach to the Argentinian Ministry of Industry that still hasn’t replied.
When asked about the hacking technique used, Kapustkiy told me that they didn’t use a SQL injection, but he avoided to provide me further details.
Recently Kapustkiy has breached the National Assembly of Ecuador and leaked the data via PasteBin. Once again he exploited a SQL injection.
A few days ago the hacker announced to have hacked the Venezuela Army, but the list of victims is long.
Recently he hacked the ‘Dipartimento dellaFunzione Pubblica’ Office of the Italian Government, the Paraguay Embassy of Taiwan (www.embapartwroc.com.tw), and the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya.
(Security Affairs – Kapustkiy, Argentinian Ministry of Industry)