An army officer has reportedly been arrested in connection with a cyberattack in which a huge trove of emails and documents was stolen from the IT system of the Ministry of National Defense (Sedena).
Citing federal security cabinet sources, the El Universal newspaper reported Tuesday that Jesús “N,” a lieutenant colonel who worked in Sedena’s IT department, was detained in connection with the 2022 hack perpetrated by the Guacamaya hacking group. The federal government hasn’t publicly confirmed the arrest.
Guacamaya leaked thousands of sensitive documents to media organizations, which published numerous stories based on the information they received. They included reports on President López Obrador’s health problems, the government’s plan to create an army-run commercial airline, a soldier’s sale of weapons to a criminal organization and the Mexican military’s planning and operational shortcomings.
El Universal said that Jesús “N” is accused by the Military Justice Prosecutor’s Office of a “breach of military duties” – specifically the “loss of military information.”
The Military Justice Code stipulates a minimum jail sentence of one year for a breach of military duties, although a sentence of just four months imprisonment can be handed down if the breach was the result of “clumsiness or carelessness.”
The maximum jail sentence for the crime is 60 years.
Jesús “N” is being held in a prison at a Mexico City military facility, El Universal said. The information engineer is the first military leader to be detained in connection with the Guacamaya cyberattack, but more officials are expected to be arrested, the newspaper said.
The Military Justice Prosecutor’s Office began an investigation “to detect possible omissions” by Sedena IT personnel months ago even though López Obrador ruled out a probe last October, El Universal said.
Sedena has tightened IT security to protect against future cyberattacks and strengthened checks of IT and cybersecurity employees as a safeguard against leaks of sensitive information.
National Defense Minister Luis Cresencio Sandoval said in February that Mexico’s national security wasn’t compromised despite the theft of six terabytes of confidential information.
López Obrador also played down the seriousness of the hack, saying late last year that he didn’t expect any negative consequences from it.
The president has recently been questioned about leaked Sedena documents that appear to confirm that the Defense Ministry has spied on citizens during the term of his government. López Obrador denies that is the case, saying earlier this month that the army does intelligence work but doesn’t spy on anyone.
Last week he said he suspected that the Guacamaya hacking group – which has also stolen information from the Chilean and Peruvian governments – is made up of “international agencies linked to the conservative group headed by [businessman and government critic] Claudio X. González.”