How Infostealers Leaked the Personal Data of Almost All Paraguayans (7.4 million citizens)

The personal data of more than 7.4 million Paraguayans has been exposed in a massive leak organized by the cyber group Brigada Cyber ​​PMC. At the heart of the scandal is the infection of a civil servant’s device with the Redline infostealer, which gave the attackers full access to key government systems.

According to Resecurity and Hudson Rock, the attack began in April 2023, when the computer of an employee of the Paraguayan Ministry of Health was infected with the Redline infostealer. This malicious program automatically stole credentials, including access to internal government domains. As a result, hackers gradually took possession of a mass of confidential information covering almost the entire nation.

• In June 2025, several ads appeared on the darknet for the sale of this data — the attackers asked for $7.4 million for the full archive. Among the published information: names, ID numbers, professions, certificates, dates of birth and records of COVID-19 vaccinations. A significant part of the array is relevant for 2024–2025.
• This is not the first attack on Paraguayan state structures in the past year. In May, the social networks of President Santiago Peña were hacked, and previously the Ministry of Finance, the Central Bank and the Electoral Tribunal were attacked. CERT-PY — the national cyber incident response team — has already recorded two more new intrusions into state structures.
• Resecurity analysts believe that the attack could have been manipulated by foreign intelligence services, and the information leak at a “low” price was supposed to divert attention from espionage targets. The Chinese group Flax Typhoon is also mentioned, which has previously attacked Paraguayan government systems with malware.

The situation in Paraguay shows how info-stealers have become a strategic weapon in modern cyberwars. The leak, which covered almost the entire country, was made possible by a single infected machine. The president promised to create a National Cyber ​​Strategy to protect citizens. But whether this will be enough – time will tell. The state should be a shield, not a risk,” Peña emphasized, addressing citizens.