Hacker posts Chilean government data on 6 million
An anonymous hacker has posted personal data about 6 million Chilean residents
on the Internet, highlighting wider privacy problems in the country.
The data was posted early Saturday morning on Fayerwayer.com,
a popular Chilean technology blog.
The hacker, who calls himself "Anonymous Coward," posted three compressed
files of data that included names, addresses, telephone numbers and taxpayer
identification numbers for Chilean residents, said Leo Prieto, Fayerwayer.com's
director.
A site editor spotted the data, posted in Fayerwayer's comments section, at
2 a.m. local time on Saturday. He immediately removed the files and contacted
Chilean police, who responded two hours later, Prieto said.
But over the following days the files started popping up on other sites including
Google's Blogger, Prieto said. "There's never been anything like this,"
he said. "People are alarmed."
In a note accompanying the files, Anonymous Coward said he posted the databases
to draw attention to the poor data protection measures in the country of 16
million people.
The files include tips on what to do with the data and how best to access it.
"If you're going to extract data from a server, it's recommended to make
a script that doesn't connect directly to the server, but rather via [anonymous
proxies]," the hacker wrote.
Anonymous Coward also claimed that the files include information on the daughter
of Chilean president Michelle Bachelet. "Bachelet's daughter has a school
pass, although it's not given to many people because their parents have earnings
above a certain threshold," he wrote.
The data breach has been front page news in Chile, where it was first reported
Sunday by the newspaper El Mercurio.
The publicity has focused the country's attention on both government IT security
and also the country's lax privacy laws. For example, Chile's department of
elections sells
voter data including gender, name, address, nationality, date of birth,
and information on disabilities.
Voter registration information is also sold in the U.S., but it can be used
only for political purposes. In Chile there is apparently no such restriction.
Before his site became the center of this public firestorm, Prieto said he
had no idea that his data could be sold. "There's no such thing as private
information in Chile," he said.
(Juan Carlos Perez in Miami contributed to this report.)
IDG News Service
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
Crimeware: Understanding New Attacks and Defenses
By Markus Jakobsson, Zulfikar Ramzan
Published Apr 6, 2008 by Addison-Wesley Professional. Part of the Symantec Press series.
Enter now! | Official rules | Sample chapter
Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures
By Peter Thermos, Ari Takanen
Published Aug 1, 2007 by Addison-Wesley Professional.
Enter now! | Official rules | Sample chapter
