Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Privacy

Hacker Steals Government ID Database for Argentina's Entire Population (therecord.media) 41

A hacker has breached the Argentinian government's IT network and stolen ID card details for the country's entire population, data that is now being sold in private circles. The hack, which took place last month, targeted RENAPER, which stands for Registro Nacional de las Personas, translated as National Registry of Persons. From a report: The agency is a crucial cog inside the Argentinian Interior Ministry, where it is tasked with issuing national ID cards to all citizens, data that it also stores in digital format as a database accessible to other government agencies, acting as a backbone for most government queries for citizen's personal information.
This discussion has been archived. No new comments can be posted.

Hacker Steals Government ID Database for Argentina's Entire Population

Comments Filter:
  • by cayenne8 ( 626475 ) on Tuesday October 19, 2021 @12:39PM (#61906995) Homepage Journal
    ...for the US to get one of these national ID and databases.

    I mean, the SS one is not nearly bad enough, this new one could add biometric and more info and be MUCH more risky like in Argentina.

    • Ok but that's a one-sided analysis without weighing against the downsides of the status quo.
      • Ok but that's a one-sided analysis without weighing against the downsides of the status quo.

        Ok...care to list a few of those downsides?

    • No, you have this all wrong... The government can take care of your data. Nothing could go wrong.

      • Well, I guess this is the branch I was looking for, but without the obligatory joke. What's with all the vacuous Subjects? Just the "grab FP" pressure? But the original Subject was only marginally worse than mine, because I'm not actually joking. I'm going to try to address the "What".

        There's too much focus on the "stick" side of personal information abuse. It's easy to see how people can be threatened with the disclosure of their negative information. And of course governments collect lots of negative info

      • Donâ(TM)t worry citizens, the gov still has all the data, it did not disappear. The hackers only made a copy.
    • ... the US to get one of these national ID ....

      A 2008 US law allows your driver's licence (or proof-of-age Id.) to be a federally-approved identity card. Many states have refused to enact the verification procedures required.

  • If any native English speakers cant figure out what Registro Nacional de las Personas means then they should probably stick to reading Reddit instead of a site like this that requires an IQ larger than a shoe size.

  • by juancn ( 596002 ) on Tuesday October 19, 2021 @01:48PM (#61907305) Homepage
    I'm argentinian, the ID numbers are treated as public information mostly, it's like someone knowing your name. We don't use them for authentication.

    Even addresses and credit status are usually on the public record.

    Since voting is mandatory, there's a list (padrón electoral) that already has all that data and it's mostly public (it has id number, name, gender and last known address).

    Heck if you go to the central bank you can query a bunch of stuff about people and companies [bcra.gob.ar] with the CUIT/CUIL which is the ID number plus some disambiguation used for tax purposes.

    As an example, you can check Messi's status here [cuitonline.com] (his CUIT is 23330162449, and his ID number 33016244) or go to the central bank and check his credit history in Argentina using the CUIT.

    It won't be very interesting because he hasn't been here mostly.

    The main concern would be that some of the rushed apps made during the COVID pandemic, sometimes require a number that's normally only on your ID card or on the RENAPER as a pseudo authentication, but the security issue is with those apps, in any case you can't do much with them other than look at some information.

    • Yep, pretty much the same here in Spain. I think in the USA they treat people's social security number as if it were some kind of secret authentication code, when in fact, it's pretty easy information to get hold of. Results in a lot of financial fraud & identity theft. The USA has really gotta find a more secure way to do their personal authentication.
      • by cowdung ( 702933 )

        Yeah.. you'd think the US could have a safer authentication mechanism than a public number that you have to keep giving out to people for different reasons.

    • by cowdung ( 702933 )

      Yeah. I'm kind of surprised a hacker was needed.

      I'm in a neighboring country and the "national ID database" circulates between programmers for their apps. Also, it's available online right now.

      So I'm not sure what great accomplishment these hackers achieved.
      If I were them I'd be covering my face with my black hat right now to escape the public embarrassment.

  • Time to make those companies assume that your data is stolen, and stop identity thieves from having personal identifying information and demand actual evidence that you are a real person, not just someone who bought your stolen info on the dark web.

    ZERO TRUST works because it is not convenient, and convenience isn't secure

  • - 0.000002 % of the population are popes
    - Argentinians are 50% male and 95% female
    - Instead of an address they just store your distance to Buenos Aires

Solutions are obvious if one only has the optical power to observe them over the horizon. -- K.A. Arsdall

Working...