Cyberattack Exposes Sensitive Data of 640,000 Mexican Port Personnel On April 14, 2026, a cyberattack on Mexico’s Safe Smart Port (PIS) platform managed by the Ministry of the Navy exposed 39.7GB of sensitive data belonging to approximately 640,000 logistics personnel. The breach, first reported by a cybercrime journalist, revealed biometric records, official IDs, social security numbers, taxpayer details, and facial photos of workers authorized to access Mexico’s national ports, including transport providers, customs agents, and crane operators. The platform also contained data on blacklisted individuals barred from port entry. The hacker, identified as a member of Sociedad Privada 157, a Mexico-based group known for targeting institutions to leak or compromise data, infiltrated the system earlier this month. Following the journalist’s social media disclosure, the Administration of the Port of Manzanillo (ASIPONA) confirmed the incident, temporarily restricting server access, updating credentials, and disabling external database connections. While ASIPONA later restored operations and claimed normal functionality, it acknowledged ongoing monitoring to prevent further breaches. Port users reported receiving navy-issued directives to reset their PIS passwords. However, neither the remaining 17 port administrations nor the navy released public statements, drawing criticism for failing to address the national security implications of the breach. Security experts warned that the exposed data could fuel criminal activity, including fake credential creation, extortion, and operational disruptions. The attack underscores Mexico’s escalating cybersecurity crisis. The Secretariat of National Defence recorded 12.4 million cyberattacks in the first 10 months of 2025 a 242% increase from 2024 while Kaspersky reported that 43% of Mexican organizations experienced cyber incidents in the past year.