A threat actor has allegedly leaked a massive 170GB of data belonging to several Uruguayan government entities. The primary victims named in the post are Uruguay’s Office of Planning and Budget (Oficina de Planeamiento y Presupuesto – OPP), a key department that advises the executive branch on national budget and planning, and CERTuy, the nation’s Computer Emergency Response Team responsible for cybersecurity incident response. The breach allegedly compromises sensitive information from a core part of the South American nation’s governmental infrastructure.
The threat actor claims the extensive data dump includes a wide variety of sensitive files extracted from various ministries and programs. The allegedly leaked data includes:
- Zoom recordings between municipalities
- Payment documents
- Certuy programs (red.uy)
- VPN configurations
- Agesic (Agency for Electronic Government and Information Society) applications
Furthermore, the actor has threatened to leak several more gigabytes of data soon, specifically targeting the Ministry of Foreign Affairs (mrree.gub.uy).
