Hackers Breach Argentina’s Airport Security Payroll System

January 7, 2025 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Hackers have reportedly compromised the payroll system of Argentina’s Airport Security Police (PSA), exposing sensitive financial and personal data of its officers and civilian staff.

The breach, which local media described as a calculated attack, highlights critical vulnerabilities in the agency’s cybersecurity infrastructure.

How the Attack Unfolded

The cybercriminals gained access to PSA’s payroll database and manipulated salary records.

Unauthorized deductions between 2,000 and 5,000 pesos ($100 to $245) were made under fabricated categories like ‘DD mayor’ and ‘DD seguro.’

These fraudulent activities left affected officers scrambling to recover their stolen wages via the Banco Nación platform, the bank responsible for processing the agency’s payroll.

According to a website Diario Pampero the breach stemmed from a vulnerability in Banco Nación’s systems rather than PSA’s internal network. Investigators have yet to determine whether the attack originated from abroad or within Argentina, though the possibility of internal accomplices has not been ruled out.

Widespread Impact

The scope of the attack is significant, with some officers reportedly experiencing the deductions up to three times. This repeated unauthorized access hints at the possible installation of malicious software that enabled persistent entry into the payroll system.

Neither PSA nor Banco Nación has officially commented on the attack or disclosed the exact amount of funds stolen, adding to the uncertainty surrounding the breach.

Cybersecurity Measures in Response

In the aftermath, PSA has taken swift action to prevent further damage. The agency temporarily blocked certain services, including institutional webmail, and launched an internal cybersecurity awareness campaign to educate its staff on best practices for safeguarding sensitive information.

Though the attack’s motivation remains unclear—whether financial gain or political disruption—the incident has underscored the need for stronger cybersecurity protocols in government institutions.

Broader Cybersecurity Concerns in Argentina

This breach is not an isolated event; Argentina has faced several high-profile cyberattacks in recent years.

December 2023: Hackers targeted the Mi Argentina and SUBE platforms, disrupting services and exposing the personal information of millions. These platforms manage digital IDs and public transport cards, respectively.

July 2023: Telecom Argentina suffered a ransomware attack where 18,000 workstations were encrypted using stolen admin credentials.

April 2023: Hackers allegedly gained access to the Central Bank of Argentina’s database, compromising the names and ID numbers of customers.

These incidents reflect a growing trend of sophisticated cyberattacks targeting key national infrastructure, highlighting the urgent need for improved digital defenses.