The company Interfactura, specialized in certification services, has warned about a possible attack by the ransomware group Cl0p. This organization holds sensitive information in its database such as full names, addresses, RFC, phone numbers, emails, tax data, and digital seal certificates, which could allow for everything from tax identity theft to the creation of false operations or the simulation of declarations before the SAT.
Cl0p already has a dark history, being responsible for one of the largest attacks worldwide in 2023, where they compromised more than 1,000 organizations by exploiting vulnerabilities in the MOVEit software. Víctor Ruiz, an expert in cybersecurity, warns about how easily Mexican companies can be breached and how a single attack can affect an entire supply chain.
The list of potential Cl0p victims in Mexico is not limited to Interfactura, but also includes other important companies such as Enteratek, IUSA, Productos Innovadores, and The Home Depot Mexico. This suggests a possible coordinated attack against key organizations in the country, which could have a domino effect on the fiscal ecosystem.
If the attack is confirmed, the consequences could be devastating. Although the final responsibility does not lie with the user, but with the company that fails in its security. It is crucial to monitor any irregularities in invoices, protect Digital Seal Certificates, and avoid sharing tax credentials insecurely.
Interfactura, in addition to being used by thousands of taxpayers to fulfill their tax obligations, handles data from large corporations like Grupo Salinas, Liverpool, Femsa, Kodak, Banorte, and Cemex. Therefore, a successful attack could result in a massive leak of corporate and personal data at a time when the SAT is especially vigilant.
Amid the tax declaration season, any interruption in Interfactura's services, whether due to an attack or preventive disconnections of its systems, could cause chaos among taxpayers, with errors in CFDI validation and possible sanctions from the tax authority. It is essential to choose secure platforms for issuing invoices and have protection mechanisms against massive fraud.
The situation with Interfactura and the Cl0p ransomware group serves as a warning for all taxpayers and businesses in Mexico. Protecting tax data and being vigilant to any irregularities in invoices becomes crucial in an increasingly threatening cybersecurity environment.
