Mexico
Government
Threat Actor Claims to Leak an INEGI Mexico Database Dump, 122K Businesses + 30K PII Records
A threat actor using the alias sativa claims to have leaked a database dump attributed to INEGI, Mexico's national statistics institute, allegedly sourced from internal GOB.MX services. The post advertises roughly 122,000 business directory records and 30,000 birth records with personal data, plus full PostgreSQL/PostGIS cartography, and provides free download links. The claim is unverified, and part of the business directory (DENUE) is data INEGI normally publishes openly.
Mexico▣Post details
Mexico!Allegedly exposed
- DENUE business directory (~122,173 records)
- Business names, legal names & addresses
- Postal codes and business phone numbers
- Business emails, websites & social handles
- GPS coordinates of establishments
- Birth records (~30,363 records)
- Newborn birth date, sex, weight & height
- Mother's age, education & marital status
- Hospital facility codes (CLUES) & APGAR
- Full PostGIS cartography (states to blocks)
Screenshots
⚠Potential impact
If the dump is genuine, the exposure of roughly 30,000 birth records, including newborn details, mothers' ages, education and marital status, and hospital facility codes, could enable serious privacy violations and the targeting of identifiable individuals. The business directory adds contact details and precise GPS coordinates usable for fraud or spam, though much of the DENUE dataset is normally public. A claimed compromise of GOB.MX internal services would also raise broader concerns about government system access.
iStatus
UnverifiedFree download links and data samples were posted to an underground forum; the samples, links, and actor contact details are not reproduced here. The claim has not been independently confirmed, INEGI/GOB.MX has not publicly addressed it, and because some of the listed business directory data is routinely published by INEGI, the dump's novelty and authenticity remain uncertain.
DARK WEB INFORMER - THREAT INTELLIGENCE
