An analytics executive has been arrested in the wake of a recent data leak in Ecuador which compromised the personal information of around 20 million of the nation’s citizens.
The executive, who heads up data analytics firm, Novaestrat, is now being held in custody.
After the leak had been announced, Ecuador’s federal authorities launched a formal investigation which was followed by local police entering Novaestrat’s office to seize computer equipment.
The office is also rumoured to be the home of the company’s general manager, William Roberto G (Roberto Garces) who was arrested at the site and accompanied to the Esmeraldas province. The arrest was confirmed by the state attorney general, who referred to the Novaestrat executive as its “legal representative”, and stating:
“The [raid] was carried out to collect elements on an alleged crime of violation of privacy, after [the authorities] learned about the leakage of information from about 20 million Ecuadorians, including about 7 million minors [and people already deceased].
“The data allegedly came from a server located in the United States owned by Novaestrat, a consulting firm that provides services such as data analysis and software development.
“During the raid, electronic equipment, computers and storage devices were seized, as well as documentation among other elements. Prosecutors will continue to conduct more actions to investigate the alleged crime.”
It is not yet known what charges are to be leveraged against Garces, if any are made at all. Ecuador’s Ministry of Telecommunications and Information Society said earlier this week that the government arm would hold an independent investigation to explore the full extent of what went on.
However, the ministry also suggested that Novaestrat was holding the data lawfully, possibly based on a contract signed with the previous government administration. As such, no hacking charge will be made.
Rumours are also circulating that the existence of a database on an unprotected server did not constitute proof that Novaestrat was guilty of data misuse, or that any other parties had accessed the data with malicious intent.
Ecuador’s data privacy laws in this area are antiquated, with minister Andrés Michelena Ayala admitting to journalist that his ministry has been attempting to put new data privacy laws in place for the last eight months.
The country’s president had emphasised how the new laws had to be pushed through without delay and put before parliament this week.
The post #privacy: Analytics chief arrested after Ecuador data leak appeared first on PrivSec Report.