When was the Paraguay data published by hackers?

The data was published on June 13, 2025, following Paraguay's decision not to comply with the extortion demands. The hackers released the data through torrent files, effectively making anyone who downloads it a peer distributor.

What personal information was exposed in the Paraguay breach?

The exposed data includes names and full identification details, birthdates and ages, national ID card numbers, professional occupations and employment information, educational certificates and credentials, government employee salary and payment information, COVID-19 vaccination records, medical and health-related documents, and financial information and banking details.

Who is responsible for the Paraguay cyber attack?

The attack was carried out by a group calling itself 'Brigada Cyber PMC.' They posted ransom demands on the dark web and ultimately released the data when Paraguay refused to pay the $7.4 million extortion demand.

How is the stolen Paraguay data being distributed?

The hackers released the data through torrent files, effectively making anyone who downloads it a peer distributor. This distribution method makes it extremely difficult to contain the spread of the compromised information once released.

What makes Paraguay's data breach historically significant?

This breach is historically significant because it represents one of the most comprehensive national data exposures ever recorded, affecting essentially an entire country's population (7.4 million people out of Paraguay's ~7 million citizens). The breach exposed an unprecedented range of sensitive personal information including medical records, financial data, government employee salaries, and complete identification details. The symbolic ransom demand of $1 per citizen and the government's refusal to pay, resulting in public data release via torrent distribution, makes this a landmark case in national cybersecurity incidents. It demonstrates how a single compromised government employee credential can lead to the exposure of an entire nation's personal data.

Incident

Paraguay hit by catastrophic data breach as hacktivists leak personal data of entire population

Q: How many people were affected by Paraguay's data breach?

Approximately 7.4 million citizens were affected - essentially Paraguay's entire population. Resecurity confirmed that the leaked data contained 'information about the entire population' of Paraguay's nearly 7 million citizens, with the company speaking directly to multiple victims who confirmed their data was accurate.

published: June 26, 2025

Take action: Infostealers are extremely dangerous. Especially on government system accounts.

Learn More

Paraguay is facing one of the most devastating data breaches in the nation's history. Hackers have leaked the personal information of approximately 7.4 million citizens - essentially the country's entire population - after the government refused to pay a $7.4 million ransom demand.

The data was published on June 13, 2025, following Paraguay's decision not to comply with the extortion demands from a group calling itself "Brigada Cyber PMC". The breach was caused by an attack that began with Redline information-stealing malware compromising government employee credentials. Hudson Rock researchers traced the breach back to an infostealer infection on a government employee's device with access to the domain rve.mspbs.gov.py, connected to Paraguay's Ministry of Public Health and Social Welfar.

The hackers used the stolen credentials to gain unauthorized access to critical government systems via phpMyAdmin interfaces, allowing them to slowly exfiltrate massive datasets over an extended period.

Brigada Cyber PMC posted a ransom note on the dark web demanding $7.4 million - symbolically $1 per Paraguayan citizen. When Paraguay's government declined to pay, the hackers released the data through torrent files, effectively making anyone who downloads it a peer distributor.

The exposed data includes:

Names and full identification details
Birthdates and ages
National ID card numbers
Professional occupations and employment information
Educational certificates and credentials
Government employee salary and payment information
COVID-19 vaccination records
Medical and health-related documents
Financial information and banking details

Resecurity confirmed that the leaked data contained "information about the entire population" of Paraguay's nearly 7 million citizens, with the company speaking directly to multiple victims who confirmed their data was accurate.

Initially, Paraguayan officials attempted to downplay the incident, with Minister of Technology and Information Gustavo Villate suggesting the data was "not recent" and urging the public not to panic. Four days after the data was released, President Santiago Peña announced the launch of a national cybersecurity strategy to "protect citizens' rights and data in the digital age", acknowledging the severity of the breach.

Paraguay hit by catastrophic data breach as hacktivists leak personal data of entire population

Read More
Cambridge Labour Party leaks data of it's members
Hackers breach Belgian intelligence mail through vulnerable Barracuda …
RansomedVC claim theft of voter data from DC …
City of Green River, Wyoming hit by ransomware, …
Hacker claims breach at Colombia's Tax Authority DIAN, …