THREATNOIR
Subscribe
Back to Feed
BreachesMay 6, 2026

‼️🇪🇨 CACPE Pastaza allegedly breached exposing 18 million Ecuadorian civil registry records via...

CACPE Pastaza breach exposes 18M Ecuadorian civil registry records via unprotected API.

Read at source

Summary

An Ecuadorian cooperative, CACPE Pastaza, suffered a breach exposing approximately 18 million civil registry records through an unprotected identity validation API endpoint. The threat actor exploited an exposed proxy endpoint to access sensitive personal identification data. This represents a significant compromise of Ecuador's civil registry infrastructure.

Indicators of Compromise

  • url — https://t.co/5fpwTxwO2k

Entities

CACPE Pastaza (vendor)Identity validation API (technology)