Peruvian Congress of the Republic

The Peruvian Congress of the Republic is the national legislature of Peru, responsible for drafting, debating, and enacting laws, representing the citizenry, and exercising oversight of the executive branch. It functions as a unicameral body composed of elected members of congress, supported by a substantial administrative workforce including staff, advisers, and affiliated personnel such as pensioners. The institution operates from its headquarters in Lima, serving as a central pillar of the country's democratic governance and legislative process. Its activities encompass a wide range of parliamentary duties, committee work, and constituent services, reflecting its role as the primary lawmaking authority in Peru. The Congress manages sensitive personal data pertaining to its members and affiliated individuals as part of its administrative and operational functions.

In August 2022, the Peruvian Congress suffered a significant data security incident that compromised the personal information of workers, parliamentarians, advisers, and pensioners affiliated with the institution. The breach resulted in the unauthorized exposure of full names, national identity document numbers, official positions, personal and corporate email addresses, and telephone numbers through a public document storage platform. This leaked data subsequently facilitated targeted phishing attempts, where recipients received suspicious messages on their mobile devices designed to trick them into revealing further credentials or accessing malicious content. The incident underscored the vulnerability of governmental entities to cyber threats that can escalate from initial data leaks into direct attacks on personnel. The available summary does not specify the technical cause of the breach or detail any remedial actions taken by the Congress following the discovery of the incident. The event highlights the potential for data exposures to enable social engineering campaigns against high-profile organizations and their associated communities.