Researchers at Lucy Security recently discovered that a Russian hacker named m1x breached a Mexican government web portal and three days later once the government refused to pay a ransom, publicly-released some 14,000 Mexican taxpayer ID numbers.

Colin Bastable, CEO of Lucy Security, said the researchers discovered the case on a hacking forum on the dark web Sunday, June 7. The hacker first announced that he was waiting for payment Sunday morning, but the Puebla staff did not know how to pay in bitcoin and the two parties could not reach an agreement fast enough. So on Wednesday of this week, m1x leaked 100 gigabytes of Mexican government data on a public cloud service.

“There appears to be a trove of credentials in the data,” Bastable said, who added that the taxpayer ID numbers included home addresses and phone numbers. The hacker also released an undetermined number of police records.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.