DarkForums Leak Exposes 103K Records from Miraflores Municipality
Early this morning, a DarkForums member allegedly leaked a database purportedly belonging to the Municipality of Miraflores, a district of Lima, in Peru. The SQL database was freely shared, containing 103,744 individual records, accompanied by a colorful message left behind by the user.
Hey Miraflores, remember the circus back in 2023 and 2024? When all your neighbors’ data leaked out and instead of fixing anything, you just cried, pressed charges, and played the victims.
A whole year has passed since the last leak and guess what? Your system is still the same, full of holes everywhere. And you call that security? Well, since you never learn, here comes Part 2025. And this time it’s not just a few records, it’s 103,744 updated ones. And no, it’s not just names and emails… this comes with the full package:
Below is a list of the SQL database columns, translated from Spanish to English:
- document
- document_type
- user_id
- company_name
- user_email
- phone
- mobile_phone
- representative
- paternal_surname
- maternal_surname
- reniec_name
- source
- creation_date
- modification_date
- created_by
The message continues:
In other words, everything’s there: from the basic stuff that gets you spam calls, to the kind of information someone can use to build a complete profile of anyone. Meanwhile, you just sit back, pretending nothing’s wrongSo here’s the reminder: I’m keeping my word. The one who warns doesn’t betray… but with you, it seems that even being warned won’t make a difference. See you in the next season of the same show.
Our researchers have verified the contents of the dump, which contains a staggering amount of personally identifiable information (PII), lending credibility to the allegations by the DarkForums member.
Revisiting the Data Breach Security Incident 2024-23
In October 2024, the Municipality of Miraflores suffered the same data breach, which was touched upon by the DarkForums member. It would seem true to the tirade above that the Municipality addressed the security incident in an unusual way, by filing a criminal complaint over the alleged database compromise.
Peruvian press coverage confirmed the leak and the extent of the damage caused, which affected 82,000 residents, whose personal information was compromised, which seems to be a recurring theme here.
There was also an earlier, separate Miraflores data breach in May 2023, which was disclosed on BreachForums. According to Peru’s data protection authority (ANPD), the data leak also exposed personal data, which included names, job positions, and national ID (DNI) numbers of staff, which is similar to a Social Security Number.
This caught the attention of the ANPD (Autoridad Nacional de Protección de Datos Personales, under the Ministry of Justice), which opened an investigation into Miraflores that same month to ascertain who was responsible and explore potential sanctions.
No fines or sanctions were officially imposed. Perhaps that is why Peruvian residents continue to fall prey to cyber threats.