Secuestro Digital en el BHU: Doble Extorsión, 700GB Robados y el “Protocolo del Silencio” que Ocultó la Amenaza a los Clientes.

BHU (Banco Hipotecario del Uruguay)The bank's initial public response severely minimized the true gravity of the digital threat by characterizing it as a routine technical issue, while in reality, the institution was the victim of a large-scale data theft, cryptocurrency ransom demand, and digital extortion.The contradictions between the official statement and the actual severity of the attack include:Minimizing the Event's NatureThe official institutional narrative and some initial media reports described the event using highly technical and benign language, which contradicted the underlying criminal activity:Official Narrative: The initial public response from the BHU (Banco Hipotecario del Uruguay) and sources like Montevideo Portal referred to the crisis as an "incidente informático" (IT incident) or "problema técnico".Actual Severity: This was not a technical failure but a "toma digital" (digital takeover) and an act of digital extortion. It was explicitly identified as a ransomware attack, where the ransom was demanded in bitcoins. Crypto24, the antagonist group, had published their direct threat on the Dark Web.Omitting Theft and ExtortionThe official bank communications focused on protective measures while omitting the critical elements of theft and ransom:Official Narrative: The BHU's official communication stated that the network was "dio de baja la red por precaución" or shut down to "proteger la información".Actual Severity: The severity stemmed from the fact that the attackers, Crypto24, had already infiltrated the systems and stolen the data. The system began to fail, and the public website went down at . The bank's network shutdown was an effort to protect the information, but the sources question if this was protection "De los atacantes o del público".The bank's official communique omitted any mention of the extortion or the robbery of data.Concealing the Magnitude of Data CompromiseWhile the bank spoke of "precaución," the sheer volume and sensitivity of the compromised data revealed a catastrophic breach:Actual Severity: Crypto24 not only encrypted the data but also stole 700 gigabytes (GB).The stolen information included legal contracts, records contables (accounting records), and datos personales de clientes (personal data of clients).The bank was facing a double extortion scenario: if they did not pay, the data would be exposed. Crypto24 issued a time-sensitive threat: "You have 72 hours. After that, we release everything". Later, the threat was partially fulfilled when "Parte de los datos fueron publicados".In essence, the initial institutional silence and the use of the term "incidente informático" contrasted sharply with the reality of having 700 GB of client data stolen and being under a direct, publicly viewable cryptocurrency ransom threat on the Dark Web

https://open.spotify.com/show/3XmolWa59mJtPWQsVyrKb9?si=ca8381e1d900475f

https://cybermidnight.club/secuestro-digital-en-el-bhu-doble-extorsion-700gb-robados-y-el-protocolo-del-silencio-que-oculto-la-amenaza-a-los-clientes/