Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries

A hacker group called Guacamaya stole classified government information from multiple military and government agencies across several Latin American countries.

Among the data stolen by a group of hackers called Guacamaya (macaw in Spanish) there was a huge trove of emails from Mexico’s Defense Department, which shed the light on the poor resilience of the country’s infrastructure to cyberattacks due to poor investment and awareness.

The Guacamaya group claimed to have stolen six terabytes of data, including data related to the kidnap of 43 students by local police and allegedly handed over to be killed by a drug gang in 2014.

The news of the data breach suffered by the Defense Ministry was confirmed by Mexican President Andres Manuel Lopez Obrador, he did not provide details about the hack only explained that threat actors exploited a change in the military’s IT systems.

The hack also revealed details about his health condition of the President that is affected by a form of angina and the monitoring of the U.S. ambassador to Mexico.

Recently the Chilean Army’s Joint Chiefs of Staff suffered a data breach, the Guacamaya hackers had access to its emails and published more than 400,000 messages containing private information regarding the Army and the Ministry of Defense. According to the media, the security breach also affects Chile’s police forces.

The group also stole emails from the militaries in El Salvador, Peru and Colombia, as well as El Salvador’s National Police.

“This did not happen by chance,” he said.

According to Solano and other analysts consulted by Reuters, the vulnerability exploited by the hackers stemmed from a weakness in a Microsoft server detected last year, known as ProxyShell.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Guacamaya)

[adrotate banner=”5″]

[adrotate banner=”13″]