A cyberattack against the Dirección General de Control de Armas y Municiones left exposed personal data of 18,000 users after the theft of 30 GB of information through the institution's web portal. The intrusion, under investigation, affected user accounts through password changes, although the main database was not compromised.
The institution itself confirmed that the attack was executed by a foreign actor with a high degree of sophistication. Access occurred on files available on the portal, not on the central core of the database. Not all users were affected, although the incident forced the activation of containment and warning measures.
"Indeed, an attack was suffered by a foreign actor, with advanced knowledge, tools, possibly even the use of Artificial Intelligence, which bypassed two levels of protection with which Digecam counts" - Colonel Otto Rosito, director of the institution
Access to accounts and notice to the affected
The attacker managed to enter user accounts after modifying access passwords. The extracted information corresponds to files that were hosted on the portal and accessible within that digital environment. Digecam maintains that the main infrastructure where the database is stored was not compromised.
"He used some sophisticated system to enter and make changes, because he could only see what is directly on the portal. Not all users were affected" - colonel Otto Rosito, director of the institution
The institution notified almost all of the compromised individuals and recommended immediately changing the portal passwords. At the same time, it clarified that the validity of licenses and holdings is maintained for affected users, so the incident does not currently alter those permits.
Intervention of cyberdefense and communication to the Prosecutor's Office
After detecting the attack, Digecam activated the support of the Batallón de Ciberdefensa and brought the facts to the attention of the Ministerio Público, which must advance in the investigation into the authorship and scope of the intrusion. The entity has already appeared before the Fiscalía to collaborate with the necessary documentation.
"We have appeared before the Prosecutor's Office to place ourselves at the disposal of all the information they need to advance in the process" - Colonel Otto Rosito, director of the institution
In parallel, instruction was given to arms dealing companies to strengthen the identity verification of buyers. The objective is to reduce the risk of fraud derived from the possible misuse of compromised data after illicit access.
More investment in technological security
The budget allocated to technology will increase from Q2.1 million in 2025 to Q9.8 million in 2026. The forecast contemplates a notable increase in resources to reinforce the protection of systems after the attack.
The funds will be directed to the improvement of electronic signature systems, network repair, and a comprehensive modernization of computer systems. The institution thus seeks to correct vulnerabilities in the digital environment that allowed the extraction of information and strengthen protection mechanisms in the face of new intrusion attempts.