
Threat Actor Claims Access to Ecuador Electoral Registry Systems

Screenshot of a forum post claiming unauthorized access to Ecuador's National Electoral Council (CNE) systems. The post alleges full SSH access to internal infrastructure, compromise of the electoral registry database, exfiltration of 13.5 million voter records, and the ability to alter voter data. Several supporting screenshots and a network architecture diagram are included alongside a ransom demand.
Threat actor post alleging compromise of Ecuador's electoral infrastructure, including claimed access to voter registry systems and approximately 13.5 million voter records. BreachNews has not independently verified the claims.

A threat actor claims to have compromised internal systems belonging to Ecuador’s National Electoral Council (CNE), alleging full access to voter registration infrastructure and the exfiltration of more than 13.5 million voter records.

The claim was posted on a cybercrime forum by a threat actor who alleged unauthorized access to multiple systems within the CNE environment.

BreachNews has not independently verified the authenticity of the claims or confirmed that the alleged access originated from CNE systems.

Compilation image created by BreachNews showing redacted screenshots allegedly provided by a threat actor claiming access to Ecuador's electoral systems. The image includes a network architecture diagram, redacted SSH and Oracle database screenshots, a reported voter record count of 13.5 million records, and a summary of the actor's claims. Sensitive infrastructure details, connection information, and operational data have been obscured.
Redacted compilation of screenshots shared by a threat actor claiming access to Ecuador’s National Electoral Council infrastructure. BreachNews redacted sensitive technical details and has not independently verified the authenticity of the evidence or the alleged compromise.

Actor claims access to voter registry infrastructure

According to the forum post, the threat actor allegedly gained access to internal CNE systems through a RAT-based intrusion and later pivoted across additional network assets.

The actor claims to have obtained SSH access to internal hosts, accessed Oracle database systems tied to the electoral registry, and extracted 13,504,210 voter records.

Redacted screenshots published alongside the claim appear to show command-line access to internal systems, database enumeration activity, and what the actor describes as voter registry infrastructure.

The screenshots also appear to reference electoral database services and record counts, though BreachNews cannot independently verify the authenticity of the images.

Threats extend beyond data theft allegations

Unlike many breach claims focused solely on data exfiltration, the threat actor alleges the compromise could affect operational election systems.

The post claims the voter registry environment is interconnected with systems responsible for election result transmission and consolidation. The actor further alleges the ability to add, modify, or delete voter records and claims persistence mechanisms remain active within the environment.

The threat actor demanded 4 BTC and threatened data destruction, backup poisoning, and voter database manipulation if negotiations were not initiated.

At the time of publication, no evidence has been provided publicly to substantiate the more serious claims regarding election system manipulation.

Claims raise concerns over election infrastructure security

The allegations go beyond a conventional database breach. If accurate, unauthorized access to voter registration infrastructure could create risks affecting both sensitive citizen data and public confidence in electoral processes.

Election systems remain high-value targets for cybercriminals, hacktivist groups, and nation-state actors due to their political significance and potential impact on public trust.

The claim also comes amid broader concerns surrounding cyberattacks targeting government and critical infrastructure organizations. Earlier this year, BreachNews reported on a confirmed breach of FBI wiretap systems, highlighting continued interest in sensitive public sector networks.

CNE had not issued any public statement regarding the allegations at the time of publication.

m00s3c

Moose (@m00s3c) is the author of BreachNews, focusing on data breach intelligence, dark web monitoring, and threat analysis. His work involves analyzing breach claims, reviewing leaked datasets, and tracking threat actor activity to provide clear, factual reporting.
