The hacktivist group known as Cibeguerrilla Nahual reportedly managed to breach the National Epidemiological Surveillance System (SINAVE). This incident came to light after thousands of records of patients diagnosed with tuberculosis were leaked, exposing sensitive information, including personal data, medical histories, and other confidential details.
The leak—reviewed by Publimetro México to confirm that it involves sensitive information—constitutes one of the most serious security breaches in the country’s healthcare sector. This incident not only affects patients but also the doctors and healthcare personnel involved in their treatment.
Personal and Medical Data Exposed
The attack resulted in the exposure of highly sensitive data, including full names, CURP (National Registry Number), dates of birth, medical units, specific diagnoses, and ongoing treatments. The leaked database contains patient information from 2018 to 2025, indicating that the compromised records are recent and affect people undergoing active treatment.
In addition to clinical information, socioeconomic details about patients have also been leaked, such as their education, occupation, and whether they belong to an indigenous community. It even reveals who has died from the disease.
Risks for Patients and Medical Staff
The leak of this information puts thousands of people at risk, potentially victims of discrimination, stigmatization, and even extortion.
Having a tuberculosis diagnosis is highly sensitive health information that, if it falls into the wrong hands, could be used to affect patients’ work and social lives. Furthermore, by including the names of the treating physicians and responsible hospitals, healthcare professionals are also exposed to potential threats, identity theft, or harassment.
Those responsible: Nahual and their protest agenda
The hacktivist group known as Ciberguerrilla Nahual claimed responsibility for the attack. They announced the leak on social media and justified their actions as a measure of pressure against the Oaxaca government, which they accuse of ignoring the demands of indigenous communities.
Cyberguerrilla Nahual has been active in multiple attacks on government institutions in recent weeks, including breaches in state prosecutor’s offices, judiciaries, and security systems. Victims include, for example, the prosecutor’s offices in Chihuahua, Oaxaca, and the State of Mexico, as well as the judiciaries of Mexico City and Tamaulipas.
The Magnitude of the Breach
The database accessed by Publimetro México included more than 1,300 records; however, this figure represents only a fraction of the total breach. Therefore, there are fears that the actual number of compromised records is significantly higher, especially considering that the epidemiological system manages information nationwide.
It is unknown whether the attack was carried out through a vulnerability in the SINAVE website or an internal leak, but the fact that this data was extracted and published suggests a serious flaw in the protocols for protecting confidential information.
Information Leaked in the SINAVE Database Hack
The cyberattack on the National Epidemiological Surveillance System (SINAVE) exposed a large amount of personal, medical, and socioeconomic data belonging to thousands of patients and healthcare personnel. These are the data that have been compromised:
Patients’ Personal Information
Full name
Unique Population Registry Code (CURP)
Date of birth
Sex and marital status
Occupation
Educational level
Whether they speak an indigenous language
Address or location of medical care
Medical and Epidemiological Information
Tuberculosis diagnosis (pulmonary, extrapulmonary, antibiotic-resistant)
Treatment status (active, under follow-up, cured, or deceased)
Laboratory results (smear smears, X-rays, resistance tests)
Dates of diagnosis and disease progression
Medical unit and hospital where they receive care
Data of Physicians and Healthcare Personnel
Names of treating physicians
Medical units where they work
Educational level and specialization
History of tuberculosis care
Information on Care and Treatment Centers
Hospitals and clinics with the most reported cases
Geographic distribution of the disease
Most affected health jurisdictions
Source: publimetro
