Cyber Incident Victim: Policía de Seguridad Aeroportuaria

In early January 2025, Argentina’s Policía de Seguridad Aeroportuaria (PSA) experienced a cyberattack compromising its payroll system, impacting officers and civilian personnel. Unknown threat actors exploited a vulnerability in Banco Nación’s infrastructure—the bank responsible for processing PSA salaries—to access payroll records. The attackers made unauthorized deductions ranging from 2,000 to 5,000 pesos ($100 to $245) from employee accounts, disguising transactions under fabricated labels such as “DD mayor” and “DD seguros.” Local media reported the breach on January 1, citing internal PSA sources, though neither the agency nor Banco Nación publicly confirmed the incident. The attackers’ operational base remained unclear, with speculation about potential foreign involvement or domestic collaboration, including internal accomplices. The breach exposed personal and financial data of PSA personnel, though the total number of affected individuals and exact scope of data exfiltrated were not disclosed.

In response, PSA temporarily disabled certain services to contain the breach and initiated an internal cybersecurity awareness campaign for staff. The agency did not specify which services were blocked or the duration of disruptions. Authorities had not determined whether the attack was financially motivated, politically driven, or a combination of both by the time reports emerged. The cumulative financial losses from fraudulent salary deductions remained unquantified, and no threat actor claimed responsibility. This incident followed broader cybersecurity challenges in Argentina, including December 2024 breaches of government platforms Mi Argentina and SUBE, though no direct link between these events was established. PSA’s investigation continued without public updates on forensic findings or recovery timelines.