Hacker dumps thousands of sensitive Mexican embassy documents online

0
43
- Advertisement -

A hacker has stolen thousands of documents from Mexico’s embassy in Guatemala and posted online.

The hacker, who goes by the online handle @0x55Taylor, tweeted a link to the data earlier this week. The data is no longer available for download after the cloud host pulled the data offline, but the hacker shared the document dump with TechCrunch to verify its contents.

The hacker told TechCrunch in a message: “A vulnerable server in Guatemala related to the Mexican embassy was compromised and I downloaded all the documents and databases.” He said he contacted Mexican officials but he was ignored.

In previous correspondence with the hacker, he said he tries to report problems and has received bounty payouts for his discoveries. “But when I don’t get a reply, then it’s going public,” he said.

More than 4,800 documents were stolen, most of which either related to the inner workings of the Mexican embassy in the Guatemalan capital, including its consular activities, such as recognizing births and deaths, dealing with Mexican citizens who have been incarcerated or jailed, and the issuing of travel documents.

More than a thousand passports — including identification issued to diplomats — were stolen. (Image: supplied)

We found more than a thousand highly sensitive identity documents of primarily Mexican citizens and diplomats — including scans of passports, visas, birth certificates and more — but also some Guatemalan citizens.

Several documents contained scans of the front and back of payment cards.

One of the diplomatic visas issued to a Mexican diplomatic stolen in the files. (Image: supplied)

The stolen data also included dozens of letters granting diplomatic rights, privileges, and immunities to embassy staff. Diplomatic right grant employees of the foreign embassy certain protections from their host country’s government and law enforcement. Diplomatic immunity, for example, allows staff to be granted safe passage in and out of the country and are generally safe from prosecution. Other documents seen by TechCrunch were signed off personally by Mexico’s ambassador to Guatemala, Luis Manuel López Moreno, and were instructed to be transported by diplomatic bag, which foreign missions use to transport official correspondence between countries that cannot be searched by police or customs.

Many of the files were marked “confidential,” though it’s not known if the hacked data included anything considered classified or secret by the Mexican government. Other files were internal administrative documents relating to staff medical expenses, vacation and time off, and vehicle certifications.

When reached Friday, Gerado Izzo, a spokesperson for the consul general in New York, said it is taking the matter “very seriously” but did not immediately have comment.

Friday is a national holiday in Mexico.

Related stories:

Written by Zack Whittaker
This news first appeared on https://techcrunch.com/2019/04/19/mexican-embassy-hack/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29 under the title “Hacker dumps thousands of sensitive Mexican embassy documents online”. Bolchha Nepal is not responsible or affiliated towards the opinion expressed in this news article.