A new alleged massive data leak in Argentina now targets the Ministry of Health and would affect 52 million people, after several accounts specialized in the dark web disseminated the notice in the last few hours.
The breach, if confirmed, would further increase the severity of a chain of incidents that had already affected public organizations, universities, and companies. The paradox is that the country accumulates announcements of massive access to official databases while national authorities have not yet officially confirmed this latest case.
The alert was disseminated by the account DailyDarkWeb on the X social network, where it assured that cybercriminals would have accessed sensitive data from the Argentine health system. The attackers claim to have personal data, health records, biometric profiles, and medical histories of the entire country's population.
Attackers claim to have medical histories of the entire Argentine population
For now, there is no official confirmation of the incident by national authorities. Nor has a public validation of the real scope of the supposedly stolen database been released.
The accusation comes after several recent episodes with a similar pattern. In October 2025, the Nova Ransomware group claimed to have obtained information from two million patients and threatened to publish the material on the dark web if they did not receive a ransom.
In that episode, the Ministry of Health denied a direct hack. Even so, specialists at the time cited files with references to vaccination campaigns, provincial records, and health reports, which fueled doubts about the origin and authenticity of part of the material.
Argentina chained leaks of 80 million records and more than one terabyte
The alleged Ministry of Health breach also appears in a context of massive attacks and data publications during 2026. In May, an actor identified as Skull1172 claimed to have compromised more than 900 government, university, and media domains, with a database of more than 80 million records.
Two months earlier, in March 2026, the Chronus Team group published more than one terabyte of sensitive information linked to ANSES, ARCA, motor vehicle registries, and telephone companies.
Among the data compromised in recent incidents are DNI numbers, CUIL, phones, email addresses, passwords, and internal records of public agencies. The reiteration of these elements shows that these are not just administrative databases, but also credentials and contact data with the capacity for personal exposure.
Following the March leak, the Agency for Access to Public Information opened an investigation ex officio. The agency also recognized then the need to update the regulatory framework for the protection of personal data in Argentina.