Charly Mas

🚨 CYBER INTELLIGENCE ALERT: ALLEGED COMPROMISE OF HEALTH INFRASTRUCTURE AND EXFILTRATION — ARGENTINA 🇦🇷 [STATUS: THREAT UNDER INVESTIGATION / UNCONFIRMED / EXFILTRATION OF HEALTH DATA / SOURCE: SOCIAL MEDIA] SOULHEM TEAM AWARDS ACQUISITION OF 52 MILLION DATA RECORDS FROM THE MINISTRY OF HEALTH AND ANSES RECORDS The threat actor identified by the alias Sqx, operating on behalf of the cybercriminal collective Soulhem Team, has announced the alleged intrusion and compromise of the core systems of the Argentine Ministry of Health. The attacker claims to have exfiltrated a massive volume totaling 52 million records, including databases of healthcare professionals, beneficiary files, and documents cross-referenced with the National Social Security Administration (ANSES). 🏢 Allegedly Affected Entities: Ministry of Health of the Argentine Republic and National Social Security Administration (ANSES). 👤 Threat Actors: Sqx / Soulhem Team ⚔️ Potential Attack Vector: Extraction of databases by compromising credentials of internal vaccination management platforms, public sector payroll portals, or national health interoperability APIs. 🔍 Verification Status: SUSPECTED / UNCONFIRMED. The extent of the breach and the direct impact on the ministries' central servers remain under strict audit by the State's cybersecurity agencies. ⚠️ CRITICAL RISK ANALYSIS AND DECLARED FIELDS If the validity of the 52 million data lines is confirmed, the criminal impact and the effects on citizens and public institutions introduce severe risk scenarios: 👤 Exposure of Personally Identifiable Information (PII) of Physicians: The attacker claims to possess the Full Name, National Identity Document (DNI), Gmail Address, Gender, Postal Code, and Date of Entry of every healthcare professional in the country. This represents a clean database for mass identity theft campaigns, professional impersonation fraud, or targeted extortion. 🏥 Leakage of Medical Records and Patient Data: The exposed lists reveal patients' full names directly linked to their national identity card numbers (e.g., Vallejos Valentina Antonela, Quintana Yésica Belén, Santa Cruz Oscar Aníbal, Acevedo Celina Yamila), connecting them to reasons for emergency room visits and specific medical treatments. This breach of confidential health information directly violates national personal data protection laws. 🛡️ TECHNICAL RECOMMENDATIONS AND PREVENTIVE MITIGATION 🛑 Isolation and Forensic Investigation of Public Sector Networks (Immediate Corporate Action): The National Security Incident Response Teams (CERT .ar) and the IT administrators of the Ministry of Health are urged to audit the export logs of outpatient consultation and vaccination records systems, temporarily isolating any local hospital-level user accounts (such as those in Colón or Lanús) that show an anomalous volume of consecutive requests during the first half of 2026. 🔑 Hardening Access and Deployment of Multi-Factor Authentication (MFA): Restrict access to government portals for uploading medical data, forcing the expiration of all concurrent healthcare user sessions and mandating the use of robust authentication factors based on tokens or biometrics from the official application. 📊 MONITORING AND EVALUATION Intelligence System: https://t.co/wk9bZJ2Nli Quickly assess your website's security with: https://t.co/QZhWp0kFrO #CyberSecurity #Argentina #MinistryOfHealth #ANSES #SoulHem #SqxTeam #DataLeak #MedicalRecords #PIIExposure #ColonHospital #ThreatIntelligence #CyberAlert #VECERT #Infosec #UnverifiedBreach