An online advertisement has surfaced allegedly offering access to sensitive Colombian data through two specialized APIs, potentially compromising government-managed systems. These APIs reportedly allow querying personal data from what appears to be a national identity database using national ID numbers and provide access to SIMIT, Colombia’s national system for centralizing traffic fines and penalties. SIMIT is a critical national infrastructure for managing traffic violations, and national ID data is fundamental for citizen identification, making the alleged availability of this information via these APIs highly concerning for the security of official records and citizen privacy.
The first API allegedly allows users to retrieve personal data based on a national ID number. The second API reportedly grants access to the SIMIT system, enabling queries of active traffic infractions by license plate number. The individual or group behind this offering claims these solutions are fast, accurate, and ready for integration. The potential exposure of such comprehensive data raises significant privacy and security alarms for Colombian citizens, as the information could be exploited for various illicit purposes.
The data allegedly accessible includes:
- Via National ID API:
- First and last names
- Address
- Municipality
- Contact information
- Other key details for identity verification
- Via SIMIT API (for traffic violations):
- Date of infraction
- Amount of infraction
- Status of infraction
- Type of infraction
- Full information about the offender (name, surname, document type, ID number)
