Home / Early Warning / Cybersecurity Highlights / A security bug paralyzes LexNet

A security bug paralyzes LexNet

07/27/2017

LexNet, the telematic notification manager of the Ministry of Justice, had to be temporarily disabled to correct a security breach. The incident was reported by the dean of the Cartagena Bar Association, who warned that the ruling allowed any user of the platform to access information from any open cause.

For its part, the Ministry of Justice has informed the resolution of the security breach and consequently the resumption of the LexNet service.

Update 02/08/2017: According to several sources, the Ministry of Justice would have confirmed the leakage of 11,000 documents hosted on a server accessible from the Internet. Among the filtered information could be the description of the architecture of computer systems of the Ministry, part of the source code of LexNet, the intranet and its digital certificates, as well as of Orfila, the system that communicates the Courts, Tribunals, Prosecutor's Offices and Civil Registry with the Institutes of Legal Medicine.

An engineering student has stated that he is one of those responsible for accessing this information, arguing that curiosity about the previous security incident with LexNet led to a search for information that led to this server without security measures and whose information Was fully accessible from the internet.

For its part, the Ministry has considered this act as a crime of unlawful access to documentation of the public administration and ensures that it will denounce those responsible.