InfoSecBulletin Cybersecurity for mankind
Resecurity found 7.4 million records of Paraguayan citizens’ personal information leaked on the dark web today. Last week, cybercriminals attempted to sell this data for $7.4 million, or $1 per citizen. A ransomware group is extorting the country, marking a major cybersecurity event, with a deadline set for Friday, June 13, 2025.
Stolen data has appeared on various underground forums, including ZIP files of databases and a torrent file for P2P downloads of citizens’ records. This method was also used by LockBit 3.0, which used torrent files on P2P networks to avoid takedowns.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Paraguay has suffered a data breach involving the personal information of its entire population. The attackers, in their ransom demand, criticized the government’s corruption and negligence in protecting citizens’ data. The Paraguayan government refused to pay the ransom and provided little information on how the data of 7.5 million people was compromised, offering only vague comments. Just days before the leak, the President’s Twitter account was also compromised.
The leaked data likely comes from Paraguay’s National Agency for Transit and Road Safety, the Ministry of Public Health, and an unnamed system with personal information. Such leaks are not new in Paraguay, and this recent incident adds to a pattern of data breaches.
In 2025, Paraguay faced two significant data breaches from public institutions. The first breach at the Superior Tribunal of Electoral Justice revealed info on over 7 million individuals. The second, involving the Ministry of Finance, the Central Bank, and Itaipú, leaked a file with more than 17,000 records containing sensitive details such as payments to officials and personal information. In 2023, the National Police also had a breach that exposed documents and personal data of detainees, including their criminal records and photos.
Paraguay dark web
The actors, identifying as “Cyber PMC,” describe themselves as “mercenaries” attacking government systems for profit. It’s uncertain if they are backed by a foreign state or if their actions are solely motivated by cybercrime.
Flax Typhoon, a cyber group associated with China, hacked into Paraguayan government networks last year, as reported by the Paraguayan Ministry of Information and Communication Technologies and the U.S. Embassy in Asunción. This advanced persistent threat involved using malware to access systems and gather sensitive data while staying hidden. There have been no data leaks, and no affected organizations have been named.
Resecurity noted that Paraguay is the only South American country to recognize the independence of Taiwan. China considers the island nation as its territory, and has carried out a global campaign to convince other governments to do the same.
The intensity of cyberattacks and data breaches targeting Paraguay and other countries in South America is alarming. Resecurity highlights the increasing efforts of foreign threat actors to compromise government information systems and portals that store PII of citizens.
