Potentially devastating digital ID hack in Argentina could have many ripples

Demonstrating just how hard it is going to be to engender trust in public or private biometric systems, a hacker reportedly has stolen the government digital ID information for every citizen in Argentina.

While the government initially denied an attack took place, editors at the tech news publisher The Record say a new Twitter account for @AnibalLeaks posted the ID information for 44 Argentinian celebrities. The government confirmed the breach days later, but denied that the national ID database had been compromised, suggesting only a VPN account belonging to the Ministry of Health had been hacked.

Biometric data in the form of government photos are among the information that has been stolen. Also among the compromised data are home addresses, birth dates, Trámite (social security) numbers and citizen numbers.

The publication goes further, saying that its editors have spoken with someone who is charging all comers for access to the entire 45 million-ID National Registry of Persons, or Renaper.

An advertisement for access to the digital ID records (pictured in The Record’s story) has been posted in a popular hacking forum.

The person contacted by the publication reportedly said the personal information of one million or two million more could be released. “Careless employees” enabled the theft, the person reportedly said.

Last year, the registry enabled remote digital ID processing for mobile devices during the COVID pandemic. It is not clear how, if at all, the hack impacts citizens or this policy.

Article Topics

Argentina  |  biometric data  |  biometrics  |  data protection  |  digital ID  |  digital identity  |  face photo  |  identity management  |  national ID  |  National Registry of Persons (RENAPER)  |  privacy