Saturday, July 5, 2025

Army officer detained in connection with Defense Ministry hack

An army officer has reportedly been arrested in connection with a cyberattack in which a huge trove of emails and documents was stolen from the IT system of the Ministry of National Defense (Sedena).

Citing federal security cabinet sources, the El Universal newspaper reported Tuesday that Jesús “N,” a lieutenant colonel who worked in Sedena’s IT department, was detained in connection with the 2022 hack perpetrated by the Guacamaya hacking group. The federal government hasn’t publicly confirmed the arrest.

For online profiles, the hacker collective Guacamaya uses art showing its avian namesake programming on a computer.
Hacker collective Guacamaya has represented itself with this artwork. (Guacamaya via Vice)

Guacamaya leaked thousands of sensitive documents to media organizations, which published numerous stories based on the information they received. They included reports on President López Obrador’s health problems, the government’s plan to create an army-run commercial airline, a soldier’s sale of weapons to a criminal organization and the Mexican military’s planning and operational shortcomings.

El Universal said that Jesús “N” is accused by the Military Justice Prosecutor’s Office of a “breach of military duties” – specifically the “loss of military information.”

The Military Justice Code stipulates a minimum jail sentence of one year for a breach of military duties, although a sentence of just four months imprisonment can be handed down if the breach was the result of “clumsiness or carelessness.”

The maximum jail sentence for the crime is 60 years.

AMLO at Mexican army ceremony
López Obrador has closely aligned with the military during his presidency and has defended the Defense Ministry against allegations of misconduct. (Gob MX)

Jesús “N” is being held in a prison at a Mexico City military facility, El Universal said. The information engineer is the first military leader to be detained in connection with the Guacamaya cyberattack, but more officials are expected to be arrested, the newspaper said.

The Military Justice Prosecutor’s Office began an investigation “to detect possible omissions” by Sedena IT personnel months ago even though López Obrador ruled out a probe last October, El Universal said.

Sedena has tightened IT security to protect against future cyberattacks and strengthened checks of IT and cybersecurity employees as a safeguard against leaks of sensitive information.

National Defense Minister Luis Cresencio Sandoval said in February that Mexico’s national security wasn’t compromised despite the theft of six terabytes of confidential information.

López Obrador also played down the seriousness of the hack, saying late last year that he didn’t expect any negative consequences from it.

The president has recently been questioned about leaked Sedena documents that appear to confirm that the Defense Ministry has spied on citizens during the term of his government. López Obrador denies that is the case, saying earlier this month that the army does intelligence work but doesn’t spy on anyone.

Last week he said he suspected that the Guacamaya hacking group – which has also stolen information from the Chilean and Peruvian governments – is made up of “international agencies linked to the conservative group headed by [businessman and government critic] Claudio X. González.”

With reports from El Universal and El País

Have something to say? Paid Subscribers get all access to make & read comments.
News quiz

The MND Quiz of the Week: July 5th

2
Floods, football and fiscal responsibility: Have you been following the news in Mexico this week?
Jake Paul points at boxer Julio César Chávez Jr

Boxer Julio César Chávez Jr., facing organized crime charges in Mexico, is detained by ICE

1
The former world boxing champion faces accusations of arms trafficking in connection to the Sinaloa Cartel.
people walk through mexico city with umbrellas, with the latin america tower in the backgound

An unusually rainy June brings drought relief and flooding to Mexico

4
Mid-way into the rainy season, Mexico's reservoirs are 45% full on average — a big improvement over last month, but still less than historical norms.
BETA Version - Powered by Perplexity