Simón.ts

🚨 CYBER INTELLIGENCE ALERT: ALLEGED LEAK RELATED TO ANOTHER BREACH - ARGENTINA (PART 2) ⚠️ CRITICAL THREAT: EXPOSURE OF OVER 32M FINANCIAL RECORDS (BCRA), MEDICAL DATA (IOMA), AND SECURITY FILES (PFA) [STATUS: UNDER ANALYSIS / INVESTIGATION] The threat actor identified as Skull1172, operating under the umbrella of the EsqueleSquad group (Esquel3Squ4d), has published a massive update of exfiltrated data from various Argentine state and financial entities. 👤 Threat Actor: Skull1172 / EsqueleSquad 🎯 Affected Entities: BCRA (Central Bank of the Argentine Republic) IOMA (Medical and Healthcare Institute - Province of Buenos Aires). PFA (Argentine Federal Police). GDEBA (Electronic Document Management of the Province of Buenos Aires). 📂 Declared Volume: More than 33 million people affected in aggregate. 📅 Publication Date: May 17, 2026 📊 ANALYSIS OF THE EXPOSED DATA SETS (SMALL SAMPLES) The attacker's manifest clearly outlines the extent of the breach, providing technical samples structured in JSON and CSV formats: 1. 💳 BCRA: Mass Scraping of Credit History (+32 Million Records) The actor claims to have performed a massive scraping of the Central Bank's debtors and credit scoring database, exposing the financial profile of almost the entire banked adult population of the country: PII Structure: Full names, types and numbers of National Identity Documents (DNI) and Tax Identification Codes (CUIT). Financial Data: Dates of birth, exact amounts of accumulated debt, credit status codes (e.g., "Normal Status" / Code 1, or delinquency levels), and associated banking entities (e.g., Banco Santander Argentina, Banco de la Provincia de Buenos Aires). 2. 🏥 IOMA: Member Registry and Clinical Data (+1 Million Records) A critical compromise targeting the primary social health insurance provider of the Province of Buenos Aires, exposing Protected Health Information (PHI): Identity and Contact Information: Membership numbers, CUITs (Tax ID numbers), full names, active email addresses, and dates of birth. Health Data and Treatments: Specific fields from the MEPPES registry (Specialized Medication Monitoring), explicitly exposing patients' chronic conditions (e.g., oncology, diabetes, hypercholesterolemia) and the specific medications prescribed (e.g., ATORVASTATIN, Bisoprolol). 3. 👮‍♂️ PFA: Classified Documents and Political Dossier (903 PDFs) Files categorized as restricted or confidential information belonging to the Argentine Federal Police (PFA). High-Profile Dossier (Doxxing): The targeted inclusion of a file containing personal and intelligence data on the Governor of the Province of Buenos Aires, Axel Kicillof, exposing his private phone number, address geolocation records, chat logs, and financial credit scoring profiles. 🛡️ MITIGATION AND EMERGENCY RECOMMENDATIONS 🔒 Entity-Level Anti-Fraud Hardening: Commercial banks and healthcare platforms in Argentina must discontinue the use of CUIT/DNI numbers or BCRA debt records as static identity validation mechanisms across telephone or digital service channels. ⚠️ IOMA Awareness Campaigns: IOMA must issue early warnings to its members, reminding them that the institution will never request online banking credentials, wire transfers, or passwords in order to authorize the dispensing of specialized medications listed in the MEPPES registry. 🔍 Query API Auditing: The BCRA and GDEBA infrastructure providers must audit request rates at their public debtor lookup endpoints to mitigate the execution of automated scripts for large-scale mass scraping. ⚡ MONITORING AND EVALUATION 🌐 Intelligence System: https://t.co/wk9bZJ3laQ 🛡️ Quickly assess your website's security at: https://t.co/YnDw1QkkYK #CyberSecurity #Argentina #BCRA #IOMA #PFA #DataBreach #MEPPES #Doxxing #FinancialSecurity #ThreatIntelligence #CiberAlerta #VECERT #Infosec