Cyber Incident Victim: Quintana Roo Attorney General's Office
Date:
Jan 2023
Location:
Mexico
Summary
The Quintana Roo Attorney General’s Office experienced a significant data leak after a critical server vulnerability exposed 7,910 online complaints, which were subsequently published on a hacking forum. The compromised records contained highly sensitive information related to unresolved criminal cases, including disappearances, sexual exploitation, child prostitution networks, kidnappings, drug trafficking, executions, extortion, and corruption involving public officials. While the agency confirmed an investigation into the breach and asserted that other systems remained secure, the attacker—claiming hacktivist motives—criticized the office’s inadequate data protection protocols and alleged systemic negligence in investigating crimes. The leaked documents, extracted via optical character recognition, included detailed complaint texts revealing unaddressed criminal activities, alongside derogatory remarks about agency leadership.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
A data leak involving the Quintana Roo Attorney General’s Office occurred when a file containing 7,910 complaints was published on a popular hacking forum. The leaked complaints, filed through the office’s online system, included reports of lost documents, minor thefts, threats, disappearances, sexual exploitation, child prostitution networks, kidnappings, drug dealing, executions, extortion, and corruption involving public officials and police. The forum user responsible claimed to have exploited a critical vulnerability in the office’s servers to extract the entire database of online complaints submitted since the system’s inception. Using optical character recognition (OCR), the attacker processed the complaint texts to analyze sensitive information, which they asserted contained crucial evidence for solving crimes in Quintana Roo. The attacker identified themselves as a hacktivist and criticized the Attorney General’s Office for inadequate security protocols and alleged selective investigation practices, accusing officials of ignoring serious crimes while protecting certain interests.
The Quintana Roo Attorney General’s Office acknowledged the incident via Twitter, stating it had initiated an investigation into the theft of digital complaint forms but asserted that other computer systems remained secure and that no broader data risks existed. The office did not confirm the attacker’s claims regarding the vulnerability or the scope of exposed data beyond the complaint forms. The hacktivist’s forum post included derogatory remarks about named officials, including Attorney General Oscar Montes de Oca Rosales, though no formal response to these allegations was documented. The breach exposed personal details of complainants and case specifics, raising concerns about victim safety and operational transparency. Citizens and businesses relying on the online complaint system faced potential disruptions, though the government emphasized normal operations for unaffected systems. No ransom demand was mentioned, and the incident remained under investigation without further public updates at the time of reporting.