Cyber Incident Victim: Argentinian National Registry of Persons
Date: Sep 2021
Location: Argentina
Summary
A hacker compromised Argentina's National Registry of Persons, exfiltrating national ID card details for the entire population, later offering to look up or sell the stolen data. The breach was initially denied by officials but later confirmed as a security incident involving unauthorized VPN access via a Ministry of Health account; despite government claims of no data leakage, the attacker provided evidence of sensitive records including celebrity information and unique identification numbers. This incident followed prior breaches targeting the same agency, underscoring systemic vulnerabilities in safeguarding citizen data.
Description
In late September 2023, a hacker infiltrated Argentina's National Registry of Persons (RENAPER), an agency under the Interior Ministry responsible for issuing national ID cards and maintaining citizen records. The attacker gained access through a compromised VPN account assigned to the Ministry of Health, enabling unauthorized entry into RENAPER's systems containing sensitive identity documents for Argentina's entire population. Evidence of the breach surfaced on October 13 when a Twitter account named @AnibalLeaks published national ID card photos and personal details of 44 prominent Argentine citizens, including football stars Lionel Messi and Sergio Aguero. The following day, the same account advertised services to retrieve personal information for any Argentine citizen, indicating broad access to the compromised database. Initial government statements denied any data breach or system compromise involving RENAPER infrastructure.

Argentinian authorities later acknowledged a security incident but maintained no data had been exfiltrated, asserting the VPN access had been promptly revoked. However, investigative journalists from The Record confirmed the breach's validity after the hacker provided verifiable samples of stolen data, including unique Trámite numbers and national ID details. The attacker claimed possession of RENAPER's complete citizen database and expressed intent to sell or leak the information privately. This incident followed documented breaches of the same registry in 2017 and 2019, revealing persistent vulnerabilities in Argentina's national identity management systems. The exposure of biometric and identity data placed Argentina's population at heightened risk of identity fraud, financial crimes, and targeted phishing operations, though no mass public leak had occurred by the time of reporting.
