Mexican Army targeted by hacking organization in historic cyber-attack

By October 5, 2022

Mexico’s Ministry of National Defense (SEDENA) was hit by a historical cyber-attack resulting in 6 terabytes of stolen information, the Mexican government confirmed on September 30th. 

Hacking collective “El Guacamaya” led the unprecedented extraction of classified information consisting of thousands of documents from the Mexican military. The hackers reportedly shared documents collected with various news organizations. 

Mexican President Andrés Manuel López Obrador confirmed last Friday that the hacktivist organization targeted Mexico’s military, however, the president quickly dismissed the attack, saying all information stolen was already in the public domain. 

“Well, it is true. There was a cybernetic attack, which some call information theft; employing modern mechanisms, they extract files. Well, they are very specialized people, not just anyone,” explained Mr. López Obrador during his morning press conference a day after the information was leaked. 

So far, the stolen information released by journalist Carlos Loret de Mola has consisted of medical reports on the president’s health and details on military operations.

During his program on the digital media outlet, Latinus, which is headquartered in the United States, Mr. Loret de Mola divulged military reports revealing that Mr. López Obrador suffers from gout and hypothyroidism.

In addition, the president was diagnosed with high-risk unstable angina pectoris, for which he had to be transferred from his farm in Chiapas to a military hospital in early January.

Mr. López Obrador at his daily press conference on September 30th.

Mr. Loret de Mola also spoke about the operation known as “El Culiacanazo,” an embarrassing episode for the military in October 2019 when Mr. López Obrador ordered the armed forces to free Ovidio Guzmán, son of the renowned drug kingpin Chapo Guzmán, moments after his arrest.

The order to release Mr. Ovidio came after the intense and violent response from the Sinaloa Cartel, who demanded the release of the former capo’s son.

One of the details uncovered by Mr. Loret de Mola is that nine people died in the clashes between the army and organized crime, and not eight as initially reported.

At a press conference, Mr. López Obrador diminished the information divulged by Mr. Loret de Mola and the overall hacking attack on SEDENA. 

“He who owes nothing fears nothing,” he said. “I’m sure that everything they hacked has already been said. Even about my illness, it has already been said … They even missed some things. I have said other things.” 

Guacamaya has also reportedly been behind hacks on military intelligence in countries such as El Salvador, Colombia, Peru, and Chile. 

Their efforts have focused on land protection, calling out the exploitation and sacking of “Abya Yala” (an indigenous name for the American continent), presenting themselves as an organization against colonialism and U.S.-led imperialism

In a recent example, Guacamaya leaked hundreds of thousands of documents on the local subsidiary of mining conglomerate Solway Group in Guatemala to the non-profit journalistic organization Forbidden Stories. 

After the hacking attack on Mexico’s military, Guacamaya explained that different Mexican investigative journalists were given access to the 6 terabytes of information, but it was Mr. Loret de Mola who rushed to publish the reports on the president’s health. 

So far, Guacamaya has uncovered that SEDENA has been monitoring “insurgent movements” and social leaders such as feminist collectives and the former guerilla group Ejercito Zapatista de Liberación Nacional (EZLN), as threats to national security. 

Much of the 6 terabytes of information remains unknown.