Cyberattack Exposes Sensitive Data of 640,000 Mexican Port Personnel
On April 14, 2026, a cyberattack on Mexico’s Safe Smart Port (PIS) platform managed by the Ministry of the Navy exposed 39.7GB of sensitive data belonging to approximately 640,000 logistics personnel. The breach, first reported by a cybercrime journalist, revealed biometric records, official IDs, social security numbers, taxpayer details, and facial photos of workers authorized to access Mexico’s national ports, including transport providers, customs agents, and crane operators. The platform also contained data on blacklisted individuals barred from port entry.
The hacker, identified as a member of Sociedad Privada 157, a Mexico-based group known for targeting institutions to leak or compromise data, infiltrated the system earlier this month. Following the journalist’s social media disclosure, the Administration of the Port of Manzanillo (ASIPONA) confirmed the incident, temporarily restricting server access, updating credentials, and disabling external database connections. While ASIPONA later restored operations and claimed normal functionality, it acknowledged ongoing monitoring to prevent further breaches.
Port users reported receiving navy-issued directives to reset their PIS passwords. However, neither the remaining 17 port administrations nor the navy released public statements, drawing criticism for failing to address the national security implications of the breach. Security experts warned that the exposed data could fuel criminal activity, including fake credential creation, extortion, and operational disruptions.
The attack underscores Mexico’s escalating cybersecurity crisis. The Secretariat of National Defence recorded 12.4 million cyberattacks in the first 10 months of 2025 a 242% increase from 2024 while Kaspersky reported that 43% of Mexican organizations experienced cyber incidents in the past year.
Source: https://theloadstar.com/risk-of-fraud-and-disruption-after-data-breach-on-mexico-port-platform/
SSA México S.A. de C.V. cybersecurity rating report: https://www.rankiteo.com/company/ssamarinemexico
"id": "SSA1776162724",
"linkid": "ssamarinemexico",
"type": "Cyber Attack",
"date": "4/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '640,000 logistics personnel',
'industry': 'Maritime/Logistics',
'location': 'Mexico',
'name': 'Administration of the Port of Manzanillo '
'(ASIPONA)',
'type': 'Government/Port Authority'},
{'industry': 'Defense/Maritime',
'location': 'Mexico',
'name': 'Ministry of the Navy (Mexico)',
'type': 'Government'}],
'customer_advisories': 'Port users advised to reset passwords',
'data_breach': {'number_of_records_exposed': '640,000',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Biometric records',
'Official IDs',
'Social security numbers',
'Taxpayer details',
'Facial photos',
'Blacklisted individuals data']},
'date_detected': '2026-04-14',
'date_publicly_disclosed': '2026-04-14',
'description': 'A cyberattack on Mexico’s *Safe Smart Port (PIS)* platform '
'managed by the Ministry of the Navy exposed 39.7GB of '
'sensitive data belonging to approximately 640,000 logistics '
'personnel. The breach revealed biometric records, official '
'IDs, social security numbers, taxpayer details, and facial '
'photos of workers authorized to access Mexico’s national '
'ports, including transport providers, customs agents, and '
'crane operators. The platform also contained data on '
'blacklisted individuals barred from port entry.',
'impact': {'brand_reputation_impact': 'Criticism for failing to address '
'national security implications',
'data_compromised': '39.7GB of sensitive data',
'identity_theft_risk': 'High (biometric records, official IDs, '
'social security numbers, taxpayer details, '
'facial photos)',
'operational_impact': 'Temporary server access restrictions, '
'credential updates, and disabled external '
'database connections',
'systems_affected': 'Safe Smart Port (PIS) platform'},
'investigation_status': 'Ongoing',
'lessons_learned': 'The attack underscores Mexico’s escalating cybersecurity '
'crisis and the need for improved security measures in '
'critical infrastructure.',
'motivation': 'Data Leak/Compromise',
'references': [{'date_accessed': '2026-04-14',
'source': 'Cybercrime journalist (social media disclosure)'}],
'response': {'communication_strategy': 'Limited (directives to port users, no '
'public statements from 17 port '
'administrations or navy)',
'containment_measures': 'Temporary server access restrictions, '
'credential updates, disabled external '
'database connections',
'enhanced_monitoring': 'Yes',
'incident_response_plan_activated': 'Yes',
'recovery_measures': 'Restored operations, claimed normal '
'functionality',
'remediation_measures': 'Password resets for PIS users, ongoing '
'monitoring'},
'stakeholder_advisories': 'Navy-issued directives to reset PIS passwords',
'threat_actor': 'Sociedad Privada 157',
'title': 'Cyberattack Exposes Sensitive Data of 640,000 Mexican Port '
'Personnel',
'type': 'Data Breach'}