Peru's domain registrar (punto.pe) has confirmed a leaking of information that would include the passwords of thousands of users who have registered domains with termination .pe.
In the official statement published a few hours ago, they ensure that none of the passwords disclosed are used to enter the control panel of the domains. In turn, they imply that the unauthorized access occurred a few months ago and that since then the necessary measures have been taken (such as the forced change of keys) to protect the domains and the information of the users.
Were the groups #Lulzsecperu #fuckdivindat who last Friday 19 published a file in Pastebin containing users, passwords, e-mails, names, addresses and other personal data of thousands of people.
Why did they do it? Apparently to demonstrate the level of security of the entity … in the publication they included the following message:
We clarify that we do not have malicious purposes, only prove that the security of Peru is null and must be corrected. Greetings to the division of computer crimes of the National Police of Peru that since March 2012 their activity is null and they do not even get close to where We are already ASBANC for the attempt.
I cannot guarantee that it is the complete database of all users, but the information is real and I have confirmed it with some friends of Per. dot.pe that they control the state of their accounts andchange their passwords on other services if they used the same for everything.