Cyber Incident Victim: New Granada Energy Corporation
Date:
Aug 2022
Location:
Colombia
Summary
A hacktivist collective named Guacamaya leaked over 2 terabytes of internal emails and documents from New Granada Energy Corporation and several other mining companies and environmental agencies across Central and South America, publishing the materials on Enlace Hacktivista and via transparency group DDoSecrets. The attackers targeted entities they accused of environmental exploitation and pollution, explicitly stating their intent to expose resource plundering by international firms and governments. The compromised data included communications from five mining corporations and two regulatory bodies in Colombia, Guatemala, Ecuador, Chile, Venezuela, and Brazil. This followed Guacamaya's earlier breach of Swiss-owned mining subsidiaries, where stolen files revealed corporate pollution evidence and suppression tactics, subsequently fueling a global investigative journalism collaboration. The group characterized their actions as resistance against environmental devastation and corporate dominance.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On August 3, 2022, the hacktivist collective Guacamaya published over 2 terabytes of stolen emails and internal files from five mining companies and two environmental oversight agencies across Central and South America, including Colombia's New Granada Energy Corporation. The group uploaded the data to Enlace Hacktivista, a platform for hacktivist communications and leaks, accompanied by a Spanish-language manifesto condemning environmental exploitation by international corporations and governments. Simultaneously, transparency organization DDoSecrets mirrored the release, broadening its distribution. The compromised entities spanned multiple countries: Ecuador's state mining company ENAMI, Colombia's hydrocarbon agency ANH, Chile's Quiborax, Venezuela's Oryx, Brazil's Tejucana, and Guatemala's environment ministry. Guacamaya explicitly framed the attack as retaliation against resource extraction practices, declaring their intent to halt "exploiting, mining, polluting, [and] that desire for dominance" through exposure of corporate activities.
This incident followed Guacamaya's March 2022 breach of Swiss-owned mining subsidiaries, which yielded 4.2 terabytes of data revealing pollution evidence, government manipulation attempts, and journalist surveillance. The earlier leak had catalyzed a global investigative project involving 65 journalists coordinated by Forbidden Stories. Guacamaya maintained operational consistency by publicly documenting intrusion methods via instructional videos and granting interviews explaining their anticolonial, environmentalist motives. The collective emphasized hacktivism as a form of resistance against entities causing "dignified rage" in affected communities. While immediate technical impacts on New Granada Energy Corporation were unspecified, the exposure of internal communications aligned with prior leaks that had triggered international scrutiny of corporate environmental practices and governance corruption. No containment measures or responses from the affected organizations were detailed in the available reporting.