The Colombian government is facing allegations of a data breach, with a threat actor named “dawnofdevil” claiming to offer unauthorized VPN access to a government ministry for $1000. The breach reportedly involves SSL VPN access related to the Ministry of Colombia, utilizing Fortinet technology. Although the specific government entity affected has not been disclosed, the associated website shows no apparent signs of a data breach on its front end, indicating that hackers may have targeted the back-end infrastructure. These claims come in the context of previous cyber incidents in Colombia, including the sentencing of Andres Felipe Cardoso Alvarez, associated with the Anonymous Colombia group, to over three years in prison for charges related to computer system abuse and damage.
It’s noteworthy that the alleged breach and sale offer were posted by “dawnofdevil” on January 19, 2024, raising concerns about the potential compromise of sensitive government data. The nature of the SSL VPN access being offered suggests a significant security lapse within the Ministry of Colombia’s network infrastructure. While the website associated with the ministry appears to be operational, the lack of visible signs of a breach on the front end leaves room for speculation regarding the extent and impact of the cybersecurity incident.
The incident underscores the ongoing challenges governments face in securing their digital infrastructure against cyber threats. The unauthorized sale of VPN access highlights the potential risks associated with insider threats or external actors gaining illicit access to sensitive government networks, posing potential national security concerns. The Colombian government and relevant cybersecurity authorities will likely investigate the claims to assess the validity of the breach and take necessary measures to address vulnerabilities and protect sensitive information.