A threat actor claims to have compromised TuID Digital, the digital identity platform operated by Uruguayan state-owned telecom Antel, by obtaining the API key stored alongside internal files on Antel’s server backend. They state they could view and modify the data of any citizen who completed an online procedure and effectively gain control over thousands of digital identities, releasing 8GB of internal files plus a sample of records on persons of interest including police, government officials, journalists, and lawyers.

• CI (cédula de identidad) national ID
• First names, last names, middle name, full name
• Email address
• Phone number, prefix, cellphone
• Date of birth, gender
• Latest update timestamp
• Document type, serial number, country
• Mail and cellphone validation flags
• Security level and biometric validation status
• Identity signature transactions (idSignIdentityTx)
• Registration officer, revoked date, addresses
• City contract sign, location, department
• Identification expiry, registration authority
• signIdentityLegalPersonDto, signIdentityEnterpriseDto
• Accepted certificates, active PFCert, certificate issuance mode
• Mail token, password hash flag, register info
• Internal proposals, employee feedback, legal documents
• Technological infrastructure works, small databases
• Number portability records (Portabilidad numérica)
• Antel backend and frontend documentation
• TuID Digital API keys