Cyber Incident Victim: Quiborax
Date:
Aug 2022
Location:
Chile
Summary
A hacktivist collective named Guacamaya leaked over 2 terabytes of internal emails and documents from multiple mining companies and environmental agencies across Central and South America, including Chilean firm Quiborax, to expose alleged environmental exploitation and pollution. The materials, published on Enlace Hacktivista and mirrored by transparency group DDoSecrets, targeted public and private entities accused of resource extraction and environmental harm, with Guacamaya citing a desire to halt destructive practices. This followed the group’s earlier release of 4.2 terabytes from mining subsidiaries linked to pollution in Guatemala, which spurred international investigative reporting on corporate misconduct and surveillance. The collective framed their actions as resistance against ecological plunder and expressed solidarity with affected communities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On August 3, 2022, the hacktivist collective Guacamaya published over 2 terabytes of stolen emails and internal files from five mining companies and two environmental regulatory agencies across Central and South America. The affected entities included Ecuador’s state mining company ENAMI, Colombia’s National Hydrocarbons Agency (ANH), New Granada Energy Corporation (Colombia), Chilean mining firm Quiborax, Venezuelan oil company Oryx, Brazilian mining company Tejucana, and Guatemala’s Ministry of Environment and Natural Resources. Guacamaya released the data through Enlace Hacktivista, a platform for hacktivist communications and leaks, accompanied by a Spanish-language manifesto condemning environmental exploitation by international corporations and governments. The group framed the leak as an act of resistance against resource extraction, pollution, and corporate dominance, declaring their intent to amplify local struggles through digital disruption. Transparency collective DDoSecrets simultaneously mirrored the release, broadening public access to the documents.
This incident followed Guacamaya’s March 2022 breach of Swiss-owned mining subsidiaries, which had yielded 4.2 terabytes of data revealing environmental violations and corporate surveillance in Guatemala. While the August leak’s exact intrusion methods weren’t detailed, Guacamaya had previously published a video tutorial explaining their network infiltration techniques after the March operation. The collective emphasized ideological motivations in interviews, aligning their actions with global environmental and anti-colonial movements. The compromised data exposed internal communications and operational details of Quiborax and other firms, potentially revealing environmental practices and regulatory interactions. Though specific impacts on Quiborax weren’t enumerated, the leak contributed to broader investigative journalism efforts, similar to the "Mining Secrets" project involving 65 international reporters that stemmed from Guacamaya’s prior disclosures. No containment measures or responses from the affected organizations were documented in the available sources.