Hackers leaked 700 GB of data obtained from the government of Argentina, including confidential documents, wiretaps and biometric information from the Argentine Federal Police, along with the personal data of police officers. The Twitter account of the Argentine Naval Prefecture was hacked as well, and used not only to share links to the stolen information but also to spread fake news about a nonexistent British attack on Argentine ships.

An operation combining the hacking of law enforcement agencies, an attempt to spread misinformation through social media and the leaking of large amounts of sensitive data on the “Deep Web” would seem to check all the boxes for a major news story. But you most likely have not heard about any of this.

In the midst of the ensuing turmoil, it is understandable that not much attention was initially paid to the short-lived hack of the Naval Prefecture Twitter account. However, allowing the story to fade in the background would be a disservice. What happened on Aug. 12 in Argentina not only has implications for the country’s own security but also serves as another data point for the ongoing discussion about how hacking and leaking operations should be understood and addressed.

On the night of Aug. 11, a public Telegram chat group appeared. A Twitter account would soon be compromised, the group’s founders announced. By noon on Aug. 12, it became clear what the message was referring to: The official Twitter account of the Argentine Naval Prefecture began posting a sequence of disconcerting messages, evidence that it had been hacked. The hackers had around 10 minutes to publish several tweets before the government regained control over the account; one of them shared some of the “LaGorraLeaks” (“La Gorra” is an Argentinian term used to refer to the police), a set of links that allegedly contained police officers’ personal data along with wiretaps, biometric information and classified documents, among other information. Another concerning message falsely informed the public about a British attack on Argentine ships.

“LaGorraLeaks” is the handle for the Twitter account that made the hacked documents known. And this is not their first rodeo. Back in 2017, the profile claimed to have hacked into the Argentine security minister’s account-although the consequences of such action were limited to posting unflattering messages about the minister. A few months later, the same profile leaked emails with information regarding the Organized Crime Division of the Argentine police.

The account has now been suspended, but this has not deterred the group. A new Telegram public group was set up and further menacing texts sent out, hinting at future activity. Its founders posted obscure references to how “September will have a very amusing start,” argued that banking institutions are taking advantage of the state of the country and hinted at the preparation of something “very large” set to affect Argentina’s cybersecurity as never seen before. The chat also seemed to work as a recruiting space, where the self-described “Team” announced it was looking for people with specific capabilities and informed those reading the channel about a selection process to participate in the project. Whether this is actually an established organization or just banter among hackers is not clear.

On Aug. 12, the stolen data was shared both through [S]’s twitter account and the Naval Prefecture’s profile, although it has not been confirmed whether the hacks and the leak were carried out by the same person or organization. Even as of now, there does not seem to be a consensus regarding how precisely the leak of information occurred-some have even suggested that the whole thing might have been an inside job, rather than an actual exploitation of security vulnerabilities. A spokesperson for the Federal Police assured the press that the organization’s database has not been compromised; the data accessed was in the cloud, uploaded by what the spokesman vaguely called “peripheral dependencies.” There also seems to be some confusion about the relevance of the leaked information. Some news outlets reported that confidential information regarding ongoing investigations is now public, with some of the leaked information dated as recently as a month ago; others wrote that the hackers are publishing old data. Authorities from the Buenos Aires City Police, however, have denied that their databases were breached.

Local media was able to establish contact with the alleged hacker via email. Whoever was behind the screen responded under the alias Nicolái Lobachevski—the name of a 19th century Russian mathematician—and provided his side of the story. In terms of the methodology used to access the stolen data, “Lobachevski” replied that the process had taken months of silently accessing the police’s network, relying partly on his own knowledge and abilities and partly on the naivete of police agents and employees. Further, he assured that he is the same hacker from 2017 and claimed responsibility for the hacks both past and present. Finally, the hacker dismissed the chances of being caught, arguing that there was no risk and no margin of error.

“Lobachevski”/[S] claims that the intent behind his actions was to demonstrate the security flaws in the system and was motivated by the technical challenge it presented. This seems consistent with some of the content posted in his now-suspended account. Prior to the bulk of the leak, messages on the Twitter account made calls for the government to improve its security and even mentioned the possibility of reporting security vulnerabilities to the Security Ministry before brushing the idea aside.

Both the Federal Police and the Naval Prefecture have informed the press that there are already investigations underway to figure out what occurred, and that judicial procedures have been initiated. These events should bring attention to three sets of concerns. First, the hacking and leaking of sensitive information could endanger the safety of law enforcement agents and affect the Argentine national security strategy. Second, the events provide an opportunity to explore the consequences of fake news being published through trusted channels such as official social media accounts of government institutions and authorities. Lastly, events of this nature should push forward the conversation about digital literacy and the portrayal of such issues in the media.

The fact that someone accessed and published such a great amount of information is in itself a grave concern. But there is a different threat to be considered as well, related to the proliferation of fake news.

The tweets sent out by the hacked Naval Prefecture account were more than just a way of informing the public about the leaked data or insulting law enforcement agencies. Before the government regained control over the account, the hackers posted that three Argentine ships had been attacked by British missiles, that Argentina had successfully responded to the breach of the country’s territory and that the president was on his way. They also stated that 27 officers had died.

To be fair, the tweet was not public for long, because authorities resumed their control over the account relatively quickly. It also doesn’t hurt that the Argentine Naval Prefecture’s account, with less than 100,000 Twitter followers, could hardly boast of a following that could make such a tweet have an impact. And it was hardly the intention of whoever was managing the account at that point to set in motion a proper misinformation campaign destined to wreak havoc-between the links to the data and the foul references to the security minister, the posts were clearly a result of the hacker’s activity rather than a convincing imitation of the Naval Prefecture. Nevertheless, the use of an authoritative channel to spread fake news over an issue as sensitive as a British attack on Argentina raises the possibility that a more carefully and well executed campaign with that purpose could be conducted,as per the article published by lawfareblog.com

The Naval Prefecture’s Twitter account reportedly did not have two-factor authentication, aiding in the hacker’s ability to gain access. If social media accounts belonging to other governmental agencies or even political figures also lack such security measures, the possibilities for exploitation are high. Recall that in 2013, a week after the Boston marathon bombing, a fake AP tweet claiming that an explosion at the White House had injured then-President Obama briefly caused a stock market crash. The use of trusted profiles to spread misinformation could have far-reaching effects, particularly during a delicate time. This does not, of course, mean that a malicious tweet will cause war or the collapse of society. But this kind of misinformation is a tool that can be exploited by those with bad intentions.

There are a range of pressing issues that rank higher in Argentina than the hacking of the Naval Prefecture’s Twitter. However, it is telling how the hack and leak were reported and discussed. A first group of reports basically replicated each other, providing a brief description of the facts and attaching several screenshots of both the hacked accounts and [S]’s own Twitter account. Most also included a superficial explanation of the “Deep Web.” Those reporters who put in the extra work provided a line describing the TOR browser, needed to access the leaked data.

Subsequently, there has been further reporting and explanation on the hacking and leaking, with outlets reaching out to security experts and unnamed sources within the government in order to paint a more detailed picture of what happened. Regardless, the considerations presented, at least on the public record, have barely scratched the surface of the national security concerns that should be taken into account now that sensitive information is available. Nor has there been any conversation about the infrastructure vulnerabilities that allowed this to happen in the first place.

Given that investigations into the hack are ongoing, it may be too early to assign blame for this particular incident. But many different elements contributed to this situation. On the one hand, according to “Lobachevski,” accessing the Federal Police’s database took months; this signals some level of proper cyber protection. How exactly did this breach happen, and how was a months-long intrusion not detected? Comparatively, hacking the Naval Prefecture’s Twitter was no problem at all, if the media reports on the account’s low security settings are accurate. Simple fixes such as establishing two-factor authentication and password protocols could go a long way if implemented in a systematic and institutionalized fashion across Argentine government agencies.

Ultimately, this is not only a question of improving technical cybersecurity in some areas. After all, governments across the world struggle with similar issues-even those that can boast of advanced defenses. What should cause concern in this case is the apathetic response with which these events were met. If 700 GB of government information can be leaked without any response or outcry-not even the beginnings of a conversation on cybersecurity-this is indicative of an underlying problem. Not much can be fixed if no one cares.