dian.gov.co data breach

dian.gov.co

What Happened

In March 2026, Colombia’s national tax authority, DIAN (Dirección de Impuestos y Aduanas Nacionales), suffered a cybersecurity incident involving unauthorized access to personal data on its appointment scheduling subdomain, agendamiento.dian.gov.co, developed by third-party provider CIEL Ingeniería. A hacker using the alias ArcRaidersPlayer claimed responsibility on March 2, 2026, alleging the exploitation of a long-known vulnerability and offering a 16GB database—potentially containing up to 18 million records with names, ID numbers, emails, phone numbers, and other personal details—for sale on BreachForums for $2,000 USD. DIAN confirmed the external attack on March 6, 2026, stating that taxpayer financial/aduanera data, passwords, and credentials remained secure, promptly disabling the system, activating incident protocols, filing a criminal complaint for extortion with the Fiscalía General de la Nación, and reporting to the Superintendencia de Industria y Comercio, while in-person services at 56 offices continued uninterrupted. No official verification of the leak’s full scope has been issued, though experts warn of risks like identity theft and phishing if authentic.

Compromised Assets

  • email
  • full name
  • phone

Check your company's
exposed credentials

Enter your work email to instantly access a free account
and see your company’s exposed credentials.

Related Breaches