El Salvador’s state-managed Bitcoin wallet, Chivo, finds itself embroiled in yet another data breach, as hackers have disclosed another set of sensitive information. Anonymous actors operating under the moniker CiberInteligenciaSV released Chivo’s source code and VPN credentials for state-operated Bitcoin ATMs in El Salvador on April 23, posting the data on BreachForums, a platform frequented by cybercriminals.
In their post on BreachForums, CiberInteligenciaSV emphasized the significance of the leaked code, noting its association with the government-backed Chivo Wallet. They underscored their motive of sharing the information freely rather than selling it, adding a provocative tone to their message.
Prior to the breach, digital security startup VenariX had forewarned both citizens and the wider crypto community of an impending Chivo leak, a caution issued a day prior to the incident. The local initiative highlighted that CiberInteligenciaSV had hinted at the forthcoming BreachForums post on its Telegram Channel and even extended an invitation to government officials for negotiation.
Chivo serves as the official Bitcoin storage solution endorsed by the government of El Salvador. Introduced after President Nayib Bukele’s historic decision to adopt Bitcoin as legal tender in September 2021, Chivo has been instrumentalized as a national tool for Salvadorans to transact in Bitcoin and withdraw cryptocurrency from BTC ATMs across the country. However, since its inception, users have reported various issues with the wallet, prompting the government to collaborate with U.S. white-label software firm AlphaPoint to rectify technical glitches.
This recent breach follows a significant data exposure earlier this month, where personal information belonging to approximately five million Salvadorans was leaked online. The leaked data, totaling 144GB, allegedly originated from a former national security advisor’s cloud backup named Alejandro Muyshondt. Initially mistaken for a vaccination database due to the comprehensive nature of the information—encompassing full names, dates of birth, profile photos, and addresses—experts later linked the files to Chivo’s registration requirements. Notably, Bukele’s administration has yet to address or provide a statement regarding these incidents.
Powered by Crypto Expert BD
Follow us on Twitter: https://x.com/CryptoExpert_BD
Join our Telegram channel: https://t.me/CryptoExpert_BD
