Mexico’s Cybersecurity Crisis
Mexico is facing an alarming series of cybersecurity breaches, threatening both public and private institutions. High-profile cases, such as data leaks from the Mexican Social Security Institute (IMSS) and security breaches at the National Autonomous University of Mexico (UNAM), highlight the increasing vulnerability of sensitive information. These incidents raise concerns about the safeguarding of users’ personal data.
The Escalating Cyber Threat Landscape
Between September 2025 and January 2026, Mexico experienced numerous severe cybersecurity incidents, with at least a dozen affecting various agencies. Significant breaches included:
- IMSS (Mexican Social Security Institute)
- National Employment Service
- Federal Electricity Commission
- Ministry of Education of Chiapas
These attacks have resulted in the leakage of sensitive data, affecting millions of Mexican citizens.
The UNAM Breach: A Case Study
The UNAM incident stands out as particularly troubling. An unauthorized access event targeted five of the university’s computer systems during a holiday period. Although the university initially claimed that no personal data was accessed, investigative journalism revealed that sensitive information concerning over 380,000 students and academic staff had indeed been compromised.
Details of the Breach
Journalistic investigations indicated that the hacker, known as ByteToBreach, accessed not only names and emails but also deeply personal documents, including complaints of workplace harassment and academic misconduct. Internal documents suggest that the university had previously identified illicit access as far back as March 2025 but failed to take appropriate action.
The Troubling Background
The full extent of the breach was likely exacerbated by structural issues within the university, including stalled fees collection due to audits. This lapse came at a time when a critical security vulnerability in Next.js servers was exploited, facilitating the massive cyberattack.
Who is ByteToBreach?
ByteToBreach is a known figure in the dark web ecosystem, having engaged in various data leak schemes since mid-2025. With ties to significant breaches affecting airlines, banks, and government bodies globally, its notoriety has escalated concerns within Mexico, particularly regarding an attack on the SAT Móvil application in December 2025.
The Telcel Incident: Data Exposure Unveiled
Just days after mandatory mobile line registration commenced, Telcel, one of Mexico’s largest telecommunications providers, acknowledged a major data vulnerability. On January 9, 2026, it was revealed that personal details of millions of customers, including CURP and RFC numbers, could be accessed without proper authentication.
Company Response
Initial statements from Telcel downplayed the severity, but it became evident that a technical flaw had put customer information at risk. While the company claimed users could only access their own data, evidence surfaced proving that extensive customer information was indeed exposed.
Looking Ahead: Strengthening Cybersecurity Measures
In response to the crises, UNAM has pledged to enhance its cybersecurity framework in 2026. Plans include establishing specialized subcommittees and investing in training programs aimed at experts within the university.
Real-World Risks to Citizens
These cyber breaches pose significant risks, exposing citizens to identity theft, phishing attacks, and various forms of fraud. With critical information circulating on the black market, the potential for malicious exploitation is considerable.
User Vigilance is Imperative
In light of these developments, citizens must adopt proactive measures to safeguard their personal data:
- Avoid disclosing sensitive information via SMS, calls, or emails without verifying the source.
- Regularly change passwords and monitor accounts for unauthorized activity.
- Enable two-factor authentication wherever feasible.
These basic precautions can significantly minimize risks during this time of heightened vulnerability.