Overview
- INE says the only intrusion occurred during last year’s electoral period, was contained, and there is currently no evidence of anomalous activity in its systems.
- Ignacio Gómez Villaseñor alleges the group Sc0rp10n maintains persistent access to INE servers and claims the job was contracted by a political party about a year ago.
- INE, the federal security ministry (SSPC) and an external provider are conducting forensic reviews of materials circulating on the dark web, with no INE data identified so far.
- Engineers are inspecting network segments to rule out alleged backdoors after prior hardening that included multifactor authentication, a full depuration of active VPN accounts and mandatory two‑factor remote access.
- INE officials plan to double or triple cybersecurity protections and stress the voter registry is isolated and protected, with no indication the padrón electoral has been compromised.