Cybersecurity experts and citizens are on high alert following reports that Colombia's national tax authority, DIAN, suffered a massive data breach affecting millions of residents. A hacker known as ArcRaidersPlayer allegedly compromised an appointment scheduling subdomain, potentially exposing sensitive personal details and offering the database for sale online.

A major security incident has reportedly struck the Colombian tax agency, known as the Direccion de Impuestos y Aduanas Nacionales, after a hacker claimed to have accessed a critical online portal. The breach specifically targeted a subdomain used by the public to book appointments for in-person tax services. While official confirmation regarding the full extent of the damage is still pending, the situation has sparked significant concern regarding the safety of government-held digital records.

Claims emerging from various cybersecurity forums suggest that the scale of the leak could involve as many as 18 million individual records. This database, which is estimated to be approximately 16 gigabytes in size, allegedly contains names, identification numbers, and contact information. Reports indicate that this sensitive data has been offered for sale on the dark web, posing a severe risk of identity theft and financial fraud for those whose information was compromised.

Technical analysts believe the hackers may have exploited a long-standing vulnerability within the software managing the appointment system. Some experts have pointed out that this specific flaw might have been known for several months prior to the attack without being properly patched. If these claims are validated, this event would mark one of the most significant data exposures involving a government entity in Colombia's recent history.

The agency involved is a branch of the Ministry of Finance and is responsible for managing the country’s entire tax and customs infrastructure. Because DIAN handles the national taxpayer registry and financial filings for both individuals and corporations, it maintains some of the most sensitive data in the nation. The potential exposure of such a massive volume of information highlights a major point of failure in the protection of the country's fiscal digital assets.

This incident underscores the rising tide of cyberthreats facing public institutions across Latin America as they transition more services to digital platforms. While moving tax payments and registrations online offers convenience for citizens, it also creates high-value targets for criminal organizations. Colombian authorities and digital security teams are now tasked with investigating the breach and reinforcing the nation's defenses against an increasingly sophisticated landscape of ransomware and data theft.

Source: Alleged Breach At Colombia’s Tax Authority May Expose Millions Of Records