🚨 CYBER INTELLIGENCE ALERT: 🇦🇷 [UNCONFIRMED] EXFILTRATION OF MEDICAL AND BIOMETRIC DATA
[STATUS: UNCONFIRMED / DATA EXFILTRATION / HEALTHCARE SECTOR / HIGH RISK]
A post has been identified on underground forums attributed to the EsqueleSquad threat group (with the participation of actors Skull1172, EdisonGironFranco, and BrybedHydra2), who claim to have breached the systems of the Hospital Italiano in Argentina.
Threat Actor: EsqueleSquad
Affected: Hospital Italiano in Argentina
Reported Breach Size:
- 10 staff computers
- More than 2.3 million biometric records
- More than 2.3 million patient and staff records
Data Exposed: The attackers claim to have extracted sensitive information, including biometric data, email addresses, full names, phone numbers, and national identification numbers (DNI).
📂 Technical Analysis and Evidence
Interface Screenshots: Images showing a "Patient Manager" detailing a record that includes a photograph (face), full name, DNI, and other personal data.
Code Samples (API Scraping): The attackers provided samples of data extracted through queries to the hospital's web portal API.
Console Evidence: Terminal screenshots showing the use of curl commands to interact with the hospital's API endpoints (wssPortal/api/biografia/datos-personales) using authentication tokens.
Data Samples (JSON): JSON samples containing names, surnames, DNI numbers, dates of birth, and email addresses of real individuals have been published.
🛡️ Recommended Actions
Forensic Verification: The Hospital Italiano de Argentina is advised to conduct an urgent audit of its API access logs for the portal to identify and revoke any compromised session tokens.
Breach Mitigation: Assessing the exposure of disclosed biometric and personal data, and initiating notification protocols with personal data protection regulatory authorities in Argentina.
VECERT SIGNAL INTELLIGENCE
Strategic Monitoring Tools & Intelligence Platform:
🌐 https://t.co/wk9bZJ2Nli
Security Verification & Monitoring:
🛡️ https://t.co/5LuqwzYuS6
#CyberSecurity 🔐 #ThreatIntelligence 📊 #HospitalItaliano #Argentina 🇦🇷 #DataBreach 📁 #HealthTech #PII #EsqueleSquad #VECERT 🏢
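One way to carry out the API access-log audit recommended in the alert above, as an added example that is not part of the original post or of any VECERT or hospital tooling. Only the endpoint path comes from the alert; the log layout, the `id` query parameter, the token hashes, the thresholds and every sample line are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Endpoint path as quoted in the alert; the rest of the log layout is assumed.
ENDPOINT = "wssPortal/api/biografia/datos-personales"

# Assumed layout: "<ts> <client_ip> tok=<token_hash> <method> <path>[?id=<record>] <status>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) tok=(?P<tok>\S+) (?P<method>[A-Z]+) "
    r"(?P<path>[^?\s]+)(?:\?id=(?P<rid>[^\s&]+))? (?P<status>\d{3})$"
)

def audit_tokens(lines, max_records=3, max_ips=1):
    """Return {token_hash: [reasons]} for tokens whose use of ENDPOINT looks like scraping."""
    records = defaultdict(set)  # token -> distinct record ids read successfully
    ips = defaultdict(set)      # token -> distinct client IPs presenting it
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or ENDPOINT not in m["path"]:
            continue            # unparseable line or unrelated endpoint
        ips[m["tok"]].add(m["ip"])
        if m["status"] == "200" and m["rid"]:
            records[m["tok"]].add(m["rid"])
    flagged = {}
    for tok in ips:
        reasons = []
        if len(records[tok]) > max_records:
            reasons.append(f"read {len(records[tok])} distinct records")
        if len(ips[tok]) > max_ips:
            reasons.append(f"used from {len(ips[tok])} client IPs")
        if reasons:
            flagged[tok] = reasons
    return flagged

# Constructed sample log lines (documentation IP ranges, made-up token hashes).
SAMPLE_LOG = [
    f"2026-01-05T09:00:01Z 198.51.100.10 tok=a1f3 GET /{ENDPOINT}?id=5001 200",
    "2026-01-05T09:05:00Z 192.0.2.44 tok=a1f3 GET /static/app.js 200",
    f"2026-01-05T11:00:00Z 198.51.100.20 tok=b7d0 GET /{ENDPOINT}?id=7001 200",
    f"2026-01-05T11:30:00Z 203.0.113.99 tok=b7d0 GET /{ENDPOINT}?id=7001 200",
] + [
    # One token walking through sequential record ids from a single address.
    f"2026-01-05T03:10:0{i}Z 203.0.113.7 tok=9c2e GET /{ENDPOINT}?id={1000 + i} 200"
    for i in range(5)
]

if __name__ == "__main__":
    for token, reasons in audit_tokens(SAMPLE_LOG).items():
        print(f"revoke candidate {token}: {'; '.join(reasons)}")
```

Flagged token hashes are candidates for revocation and closer review; the thresholds need tuning against the portal's normal per-session behaviour.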
🚨 A darkweb forum post reveals a threat actor claiming to have exfiltrated 352.3 GB of data from multiple critical Mexican government institutions and a major financial institution. The post, authored by user Skull1172 on June 9, 2026, alleges a massive breach affecting some of Mexico's most sensitive government databases.
According to the listing on the underground forum, the following organizations are reportedly compromised:
- IMSS (Instituto Mexicano del Seguro Social) - Mexico's social security institute
- Llave MX - Mexico's digital identity platform
- SAT (Servicio de Administración Tributaria) - Mexico's tax administration service
- FONACOT (Fondo Nacional para el Consumo de los Trabajadores) - National Fund for Workers' Consumption
- INFONAVIT (Instituto del Fondo Nacional de la Vivienda para los Trabajadores) - National Housing Fund Institute
- BBVA OWA https://t.co/UTv5LFo7ib - Government-related systems of BBVA, one of Mexico's largest banks
The IMSS alone serves approximately 113 million people, making it one of the largest social security systems in Latin America. The SAT manages tax records for millions of Mexican citizens and businesses, while INFONAVIT oversees billions of dollars in housing funds for workers. Llave MX is the government's digital identity platform, critical for accessing various public services.
If authentic, exposure of these government databases could enable large-scale identity theft, financial fraud, and compromise of sensitive citizen data across Mexico's population. The inclusion of BBVA government systems suggests potential access to financial infrastructure as well.
At the time of reporting, the alleged breach has not been independently verified by Mexican authorities or cybersecurity firms.
#DataBreach #Mexico #GovernmentBreach #IMSS #BBVA #DarkWeb #CyberSecurity
CYBER INTELLIGENCE ALERT: ALLEGED MASSIVE BREACH OF STATE DATA IN MEXICO 🇲🇽 💀
[STATUS: UNCONFIRMED / THREAT ACTIVITY]
A suspected massive intrusion into government and institutional systems in Mexico has been detected, attributed to the group known as EsqueleSquad. The actor claims to have obtained a massive dataset with a volume of 352.3 GB.
Threat Actor: EsqueleSquad
Data Volume: 352.3 GB
Affected Institutions: The actor claims to have confirmed access to the systems of:
UNAM, IMSS Welfare, IMSS Digital, Llave MX, SAT, FONACOT, INFONAVIT, Government Institutional Email Services, SIAF, and BBVA MX.
Declared Content: The group claims to have exfiltrated more than 405 million records, including:
Emails (+60.6 million), passwords (+58.1 million), phone numbers (+10.2 million), CURPs (+96.1 million), full names (+96.1 million), and map locations (+84.2 million).
Evidence Analysis
The group has published visible fragments as proof of concept.
Records that appear to be database structures with fields such as "CURP" and other personal identifiers.
Examples of queries (cURLs) directed to endpoints that appear to be associated with the Mexican Social Security Institute (IMSS).
Security Considerations ⚠️
Nature of the Threat: The report indicates possible structural negligence in the protection of government systems, where the information of millions of citizens may have been exposed.
Identity Theft Risk: Given the amount of sensitive personal information, including CURPs (Mexican national ID numbers) and financial data, the risk of identity theft and fraud is extremely high if the breach is validated.
Recommendations 🛡️
Forensic Validation: The aforementioned institutions are required to conduct an immediate security audit to verify the authenticity of the reported access points.
Citizen Caution: Citizens should remain vigilant against potential phishing or social engineering attempts that use real data obtained from this incident. Identity monitoring and strengthening credentials on affected websites are recommended.
#CyberSecurity #Mexico #DataBreach #EsqueleSquad #ThreatIntelligence #IdentityTheft #VECERT #UnderInvestigation
@EdgardoTrovador @VECERTRadar They were selling the health ministry's DB for 4,000 dollars and these guys refuted them (they have also never provided any sample of credentials)
🔐 | The Consejo Nacional Electoral informs the public that its technology systems are duly protected and operational.
No impact has been identified on the integrity of internal institutional information or on that of the electoral processes.
We invite the public to stay informed through the official channels of the CNE.
@DarkWebInformer