Journalist Ignacio Gomes Vielasevic reported on a possible cyberattack on the National Electoral Institute (INE) in Mexico, which led to a public investigation into the incident. According to the data, the hacker group Sc0rp10n managed to gain access to internal INE servers through "backdoors," established in previous years.
Gomes Vielasevic stated that Sc0rp10n "obtained large amounts of data, including INE," but did not specify what exactly was extracted. He added that the attack allowed for full control of the INE, including data, documents, and technical communications. The journalist noted that the current system of INE authentication with two-factor verification (MFA) could be compromised through session cookies.
INE officially verified the attack: in the report, it was confirmed that an incident occurred, and the next measures without risk (including full use of VPN accounts and MFA) exclude the use of personal data. "INE guarantees the security and integrity of its systems," the institute stated.
Earlier, Gomes Vielasevic had confirmed that Sc0rp10n had provided access to an internal INE document, which had not been publicly published. According to his words, hackers received this material through the system, which confirms the technical sophistication of the attacks. Cybersecurity expert Nicolas Asuar assessed the risks based on the updated data of 2024, and named them significant.
The journalist checked that INE did not provide a full system audit and prematurely disclosed all information. "Potentially, Sc0rp10n maintains a permanent presence and publishes new documents at any time," warned Gomes Vielasevic.
**Quotes**: — "INE recognizes practically everything I reported: that the MFA system can be compromised through pre-configured corporate cookies." — "Sc0rp10n did not disclose that this was a public document." — "As far as I know, INE demonstrates technical non-compliance, ensuring, that the user is located on the dark web."
