The National Securities Commission (CNV) faced a significant cybersecurity challenge on June 7 when it detected a ransomware attack orchestrated by the hacker organization Medusa. The malicious code, identified as the Medusa ransomware, infiltrated CNV’s computer systems, rendering its platforms offline. Despite the CNV’s efforts to isolate and control the attack, Medusa fulfilled its threat by releasing sensitive information stolen from the Argentine capital market regulator. The cybercriminals demanded a $500,000 ransom for the return of the hijacked data.
The stolen files, totaling 1.5 terabytes in size, were initially uploaded to the dark web, an inaccessible part of the internet for conventional search engines. Although barriers existed for accessing this information, recent developments indicate that these restrictions have been lifted. As a result, a significant portion of the stolen data has become publicly accessible to those navigating the dark web, with social media messages and links circulating the information.
The CNV, acknowledging the cybercrime on June 12, refrained from commenting on the leak but highlighted its commitment to preserving information through preventive measures against cyberattacks. The regulatory body filed a criminal complaint with the Specialized Fiscal Unit on Cybercrime (UFECI) and is currently responding to the Prosecutor’s Office’s requirements. Meanwhile, the cyberattack, executed through ransomware tactics, has not only exposed the vulnerability of financial institutions but also poses a risk of disclosing confidential information related to listed companies and market operations, raising concerns about the broader impact on the Argentine capital market.
