Date: Dec 2016

Location: Venezuela

Summary

A Venezuelan army financial system (CATROPAEJB) was compromised by a hacker exposing approximately 3,000 accounts containing full names, email addresses, and telephone numbers. The attacker claimed to have identified webmail system credentials enabling access to user data but asserted no unauthorized data retrieval, framing the breach as a security demonstration. This incident exploited a previously known vulnerability that remained unpatched despite prior compromises. The hacker, self-identified as a security researcher, cited collaborations with foreign governments to remediate flaws but indicated no evidence of corrective actions by the affected organization, leaving sensitive personnel information at ongoing risk of exposure.


Description

On December 2, 2016, an individual identifying as Kapustkiy breached a database belonging to the Venezuelan army's CATROPAEJ system, described as "Cde Aros de la Tropa Profesional del Ejercito Bolivariano Venezolano." The attacker accessed approximately 3,000 accounts containing personally identifiable information, including full names, email addresses, and telephone numbers. Kapustkiy also identified login credentials for the army's web management system, which could have enabled access to additional personal user data, but publicly stated he refrained from exploiting this access. The attacker asserted the intrusion's purpose was to expose security vulnerabilities, emphasizing he "didn't do it" to misuse the data but to prompt remediation. This incident followed a prior breach of the same system, with Kapustkiy noting administrators had failed to address the vulnerability despite its previous discovery.

The breach exposed the continued presence of unpatched security flaws within the Venezuelan army's digital infrastructure. Kapustkiy, identifying as a security pentester unaffiliated with the Powerful Greek group, claimed a pattern of targeting government websites to demonstrate vulnerabilities, citing collaborations with Italian and Indian entities to resolve past findings. No specific containment or response actions by Venezuelan authorities were detailed in the available source material. The incident resulted in the exposure of 3,000 individuals' personal information, with data types confirmed as names, emails, and phone numbers. The reuse of a previously known exploit highlighted systemic security maintenance failures, though no evidence indicated further malicious data exploitation beyond the initial unauthorized access.
