Cyber Incident Victim: Carabineros de Chile
Date:
Oct 2019
Location:
Chile
Summary
A cyberattack targeting Chilean national police resulted in the exposure of over 10,000 sensitive files during ongoing social unrest. Hackers leaked personnel databases containing officials' names, identification numbers, and system passwords, alongside operational intelligence including weapons inventories, surveillance targets, and security protocols for protecting high-ranking authorities. The breach revealed internal communications detailing response strategies to protests, with compromised documents disclosing residential coordinates of protected individuals and a commander's mobile number. Multiple intrusions disrupted the institution's electronic documentation platform, demonstrating sustained access to confidential systems amid heightened political tensions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The hack against Chilean Carabineros (national police) occurred amid nationwide social unrest beginning October 18, 2019. Attackers first breached the institution's systems by October 25, 2019, leaking a database containing personal details of all Carabineros officials—including names, national ID numbers (RUT), genders, assigned units, and post locations. This initial compromise also exposed passwords for accessing the police force's electronic documentation platform (DOE), forcing its immediate takedown. Hackers conducted at least three separate intrusions, with the third attack yielding over 10,000 files reviewed by investigative outlet CIPER. These documents revealed operational intelligence such as weapon inventories per unit, classified "targets of interest" for police surveillance, and security protocols for protecting high-ranking authorities.
The third data dump specifically contained decrypted internal communications showing Carabineros' operational adjustments during the ongoing protests. Exposed records included geographical coordinates of residences belonging to senior officials, mobile phone numbers of security commanders, and tactical directives for safeguarding those individuals. Attackers additionally accessed confidential briefing materials outlining planned government responses to protest activities. The repeated breaches compromised institutional credibility while creating tangible physical risks—sensitive personal data of all personnel remained publicly accessible, and strategic intelligence could be exploited to circumvent police operations. No public remediation efforts were detailed beyond the DOE platform's deactivation following the initial breach.