RansomHub claims 313GB exfiltrated in Mexican government cyberattack
Ransomware gang RansomHub has claimed responsibility for an attack on the Mexican government, claiming to have exfiltrated data.
On November 15, the threat group listed the official Mexican government website on its website, claiming to have stolen 313 gigabytes of data.
“gob.mx is the platform that promotes innovation in government, drives efficiency and transforms processes to provide information, procedures and a platform for public participation,” the threatening group said.
🚨 MEXICO ALERT 🚨
The group #RANSOMHUB added a new victim to the home https://t.co/Wl9MrD3U2S, reporting a filtration of 313 GB of information.@ivillasenor @NicoTechConseils
🔒 #Ransomware | #Ciberseguridad | #Infosec | #Gobierno | #DataLeak pic.twitter.com/zP0Ep91APA
– TIAL (@mbec03) November 15, 2024
RansomHub said the exfiltrated data contains “contracts, insurance, financial data, confidential files” and released a sample of the allegedly stolen data.
Based on this list, the threatening group specifically targeted the legal advisor to the federal executive branch (CJEF).
Listed in the samples are the names, emails, roles, “RFCs” and portraits of CJEF staff members, as well as a number of digitized contracts from 2023, one of which is addressed to Mario Gavina Morales, director of the Mexican government. information and communications technologies.
The Mexican government has yet to issue a public statement on the incident; however, the website appears to be functioning normally.
RansomHub set a 10-day deadline for ransom payment before publishing the data.