After expressing anger that his bug bounty efforts were completely ignored by Mexican officials, a hackers stole and leaked online almost 5,000 confidential documents from the Mexican embassy in Guatemala, writes TechCrunch.
The data trove contained critical personal information of Mexican citizens and diplomats, including photocopies of passports, birth certificates, visas, payment cards and information about immunities, privileges, medical expenses and other operational data. Information pertaining to some Guatemalan citizens was also discovered. Some files were “official correspondence between countries that cannot be searched by police or customs.”
The hacker, known on Twitter as @0x55Taylor, detected a security vulnerability on the server hosting the documents and claims to have immediately informed Mexican officials about the threat. He says they didn’t get back to him. This angered him as he felt his efforts were not appreciated. He usually identifies vulnerabilities and receives financial compensation. By leaking the data, he apparently wanted to get their attention and give an example of how a server vulnerability could affect their data privacy and security.
“A vulnerable server in Guatemala related to the Mexican embassy was compromised and I downloaded all the documents and databases. But when I don’t get a reply, then it’s going public,” he said when contacted by TechCrunch. He also sent the files to the publication for an authenticity check.
The data was taken offline by the company hosting the files.
Mexico has not yet made a public statement on the event, as Friday was a national holiday.