Hacking group focused on Central America dumps 10 terabytes of military emails, files

This is the fourth release from Guacamaya, a Central American hacking group that says it fights environmental devastation and exploitation.
Chilean Mapuche indigenous people and their supporters clash with riot police during a protest against Chile's government outside the Congress building in Valparaiso, Chile, on November 4, 2021. (Photo by DEDVI MISSENE/AFP via Getty Images)

A hacking group that has primarily focused on Central American targets released on Monday roughly 10 terabytes of emails and other materials from military and police agencies in Chile, Mexico, El Salvador, Colombia and Peru.

The data dump is the latest release from the group that has focused on infiltrating mining and oil companies, police and several Latin American regulatory agencies since March 2022.

The release from the hacking group, which calls itself Guacamaya after a type of bird native to Central and South America, follows a pattern of targeting entities the group sees as playing a role in both the region’s environmental degradation and also the repression of native populations. Monday’s release focused on multiple military bodies as part of that dynamic, the group said in a statement.

“To make it clear, the military armies and the police forces of the States of Abya Yala are the guarantee of the domination of North American imperialism, they are the guarantee of the extractivist presence of the Global North,” the group said in a Spanish-language statement, according to a Google translation. “They are violent repressive forces, criminals against the peoples themselves and their internal pyramidal organization charts of power are also reprehensible.”


Abya Yala is the name used by indigenous people of current day Central America for the American continent.

The specific targets in this case, according to the release, are the Joint Chiefs of Staff of the Chilean Armed Forces, the Mexican Secretariat of National Defense, the National Civil Police of El Salvador and the Armed Forces of El Salvador, the General Command of the Military Forces of Colombia, the Joint Command of the Armed Forces of Peru and the Army of Peru.

The Chilean materials were cross posted to DDoSecrets, a site that hosts hacked and leaked data, publishing some outright and sharing other, more sensitive sets in the public interest, with journalists and researchers, as in the case of the remaining material.

This is the fourth Guacamaya release since March, all posted to Enlace Hacktivista, a website dedicated to documenting hacker history, sharing information security educational resources and publishing materials from hackers.

Earlier releases have targeted the federal prosecutor’s office in Colombia, a group of international mining and energy companies — as well as some of the agencies tasked with regulating them — from across multiple regional countries, and another release from March on a Swiss mining consortium operating in Guatemala.


The March release was to “Mining Secrets,” a massive, international reporting project involving 65 journalists coordinated by Forbidden Stories, that exposed apparent corruption and the surveillance of journalists and activists opposing mining activities.

Correction: This story initially inaccurately reported that the released files totaled 10 gigabytes. The correct figure is roughly 10 terabytes.

Latest Podcasts