News / Risk of fraud and disruption after data breach on Mexico port platform

© Rumana111ferdousi |

A cyberattack on Mexico’s port access platform has unveiled vulnerabilities in the system, and raised fears of criminal repercussions.

Earlier this month, a hacker infiltrated the Ministry of the Navy’s Safe Smart Port (PIS) platform and extracted 39.7GB of data, containing detailed information on some 640,000 logistics personnel that have access to Mexico’s national ports.

The portal manages logistical access to all national ports and contains detailed information on every transport provider, customs agent, crane operator, and other logistics operators, all of whom have to register on PIS to obtain clearance for access.

The platform holds users’ biometric data and official ID, like social security number and taxpayer registry, as well as facial photos. It also contains information on blacklisted personnel who are restricted from access to ports.

The hack was detected and reported by a journalist who covers cybercrime. He identified the perpetrator as a member of Sociedad Privada 157, a group of hackers based in Mexico that targets institutions to leak or compromise data.

After his report appeared on social media, the administration of the port of Manzanillo (ASIPONA) confirmed the incident. It reported it had temporarily restricted access to services hosted on its servers, updated user credentials, disabled direct database access from external IP addresses, and cancelled access in test environments.

But it added that access had since been restored and that the system was operating normally. In addition, ASIPONA noted that it was monitoring the system on a permanent basis to prevent any further incidents.

Subsequently, port users reported that they had received official correspondence from the navy advising them to reset passwords for use of the platform.

None of the other 17 port administrations in Mexico nor the navy issued public statements on the incident, a stance that has been criticised by some users as deepening uncertainty about the platform’s safety. They argue that the data breach is a national issue and should be addressed collectively.

Security experts, including the journalist who broke the story, have warned that the incident had elevated the risk of criminal activity targeting port users and/or the system, from leveraging user data to create fake credentials, to extortion and creating disruptions.

Cyberattacks have multiplied in Mexico at an alarming rate. The Secretariat of National Defence alone registered 12.4m attacks in the first ten months of last year, an increase of 242% from 2024.

According to Kaspersky Cyber Security, 43% of organisations in Mexico reported cybercrime incidents in the past 12 months.

Catch up with The Loadstar’s News in Brief podcast, feauturing exclusive content from Aevean