The hacking of the Your Employment portal, of the Ministry of Labor and Social Welfare (Mintrab), and an alleged violation of the portals of the Superintendence of Tax Administration (SAT) and the National Registry of Persons (Renap) occur in a context in which structural weaknesses had already been noted in the State’s digital systems.
On April 15, 2026, journalist and researcher Luis Assardo published an analysis in which he pointed out vulnerabilities in government platforms, after the attack against the General Directorate of Arms and Ammunition Control (Digecam), occurred on April 7.
According to Otto Rosito, director of the entity, this incident allowed the theft of information from about 18 thousand users and the internal systems were not compromised, since the attack was limited to the website.
These cases were linked to an actor identified as “Gordon Freeman”, who, according to authorities, had also participated in similar attacks in other Latin American countries. Added to these events is the activity of another actor identified as MrGoblinciano, related to attacks on the University of San Carlos de Guatemala (Usac) and the Rafael Landívar University (URL).
Risks of using information
In the opinion of cybersecurity experts, the exposed information can be used by criminals to commit financial fraud, identity theft, targeted deception campaigns and extortion with a higher level of precision. They also point out that the data can be sold in clandestine markets or used at different times.
Likewise, they warn that structured information, such as personal data, employment records or identifications, can be combined to build profiles that facilitate the execution of crimes in different areas, including financial and digital areas.
The three experts consulted agree that the attacks are not isolated or recent events, but may have occurred weeks or months before becoming public. They also point out coincidences in the lack of specific regulation, limited institutional coordination and weaknesses in the technical implementation of security measures.
You might be interested in: Renap rules out hacking of its systems after computer attack alert
Lack of coordination and institutional weaknesses
For Héctor Fernando Cabrera, general director of Sinergit, the attacks on the institutions’ portals are a symptom of a structural and underlying problem that the country has ignored.
Cabrera said that these hacks could continue, because criminals already know that the portals of public institutions do not have updated systems to prevent them.
He added that there is a legal deficiency, one institutional and another technical, which is operational.
He added that, of the recorded attacks, the largest is that of the Ministry of Labor, because more than 200 thousand records and about 40 gigabytes of sensitive information were exposed.
He commented that in State institutions there is no organization or person that coordinates the issue of cybersecurity in the country.
“Each institution has an IT department—Information Technology—that is its own and that is not coordinated with absolutely anyone,” he added.
You could also read: SAT rules out incidents in its systems after alerts for cyber attacks in public institutions and universities
Lack of regulation and consequences of data theft
Pablo Barrera, director of Cybersecurity Services at ES Consulting, said that in Guatemala there is no awareness of the consequences of the theft of personal data.
“In many other countries there are already laws for the protection of personal data, there are already cybercrime laws, there are already prevention laws and even laws that force institutions to comply with certain controls,” he noted.
He commented that there is no clear information from the authorities about whether only personal data, photos and biometrics have been stolen.
“We don’t know if this is really just the tip of the iceberg or that’s as far as they got. That’s the big problem,” he explained.
Regional trend and lack of specialized personnel
According to Amílcar de León, cybersecurity expert at the company Devel, the attacks registered in Guatemala are part of a regional trend and each year more than 360 billion attempted cyber attacks are registered in Latin America.
At a global level, he added, there is a deficit of more than 4 million cybersecurity professionals, which affects the response capacity of organizations and governments.
Legal loopholes and challenges in digitalization
Experts indicated that the cybersecurity law, which has been under discussion for the last two years in the Congress of the Republic, has not been approved in Guatemala.
They commented that companies and institutions have advanced in digitalization and now have access portals, but several have not strengthened cybersecurity.