This Thursday, April 30, an alert is circulating on social networks about a possible computer attack on the Ministry of Education (Mineduc), which has already given its position on the matter.
“A massive high-impact breach has been detected targeting the servers of the Ministry of Education of Guatemala. The threat actor “GordonFreeman”—a member of the L4TAMFUCK3RS group—claims to have infiltrated the institutional network and exfiltrated a massive volume of sensitive documents,” the @VECERTRadar account published on the X social network.
In the computer attack, 150 thousand PDF files containing administrative, personal and educational records related to students, teachers and administrative staff would have been affected.
“The actor claims to maintain internal access to the institutional network, despite existing state security protocols,” stated the account @VECERTRadar.
He warned that the attacker claims to have access to highly sensitive information about each user within Mineduc.
In this sense, the Mineduc was consulted, which reported that, given the reports received about a possible cybersecurity incident this April 30, the specialized personnel of that portfolio and the Government are developing the corresponding technical analysis.
“Until this moment, no failures of this nature have been identified in the institutional electronic systems,” added the Mineduc, which added that it will expand the information on the state of the situation as soon as the review process is completed.
On April 29, the Government of Guatemala reported that it implements actions against cybersecurity incidents detected in State institutions.
“The competent authorities maintain permanent monitoring and inter-institutional coordination aimed at identifying, containing and mitigating any malicious activity, without currently registering a direct impact on essential public services,” he stated.
He added that he has issued instructions to all public entities to strengthen their security controls, reduce exposure surfaces and strengthen their incident response capabilities.
He indicated that the identification of cases responds to multiple processes that have been activated in order to apply response, containment and mitigation measures.
“Strategic actions are being implemented with international support, within the framework of cooperation alliances with partner countries such as Spain, the United States and the Republic of China (Taiwan), aimed at the sustained strengthening of national capabilities in cybersecurity, which consolidates a comprehensive approach to protecting the State’s digital infrastructure,” he noted.
Stay up to date with the Now newsletter. Key information at the moment it happens. Subscribe here.