Claims of a successful breach against Santa Fe County’s government website surfaced this week, but investigators say the leaked data looks more like a relic from the early 2010s than a fresh cyberattack.
Attackers Announce Source Code Leak on Data Forum
The incident began when a group of attackers posted on a popular data leak forum often used to share and sell stolen information. They claimed to have compromised the Santa Fe County government website, gaining access to its source code.
The website in question serves more than 150,000 residents of Santa Fe County, New Mexico, making any security issue potentially significant for citizens and officials. The alleged hackers suggested they had captured sensitive material tied to administrative access and website operations.
Researchers Find Signs of Old and Irrelevant Data
The Cybernews research team reviewed the files attached to the forum post and determined that the claims did not match the current state of the Santa Fe County website.
The data included:
- A handful of administrator usernames and hashed passwords
- A database model with a version supported only until April 2017
- A PHP release from 2010, with support ending in 2011
Several of the files appeared incomplete, with empty database tables that looked like templates instead of containers for actual data.
Researchers also inspected the live version of the Santa Fe County website and noted it runs on a different architecture than what was reflected in the files. This mismatch led them to conclude the attackers likely had access only to an outdated version of the website.
“Having this info in mind, it’s likely that the allegedly leaked source code is an old version of the website from way back to the 2010s, which makes the impact relatively low,” the Cybernews team explained.
Why Attackers Share Outdated or Misleading Data
Although the information may be outdated, there are several reasons why attackers might still publicize such a leak.
First, they may be attempting to demonstrate capability. Even stale data can serve as proof that they accessed something valuable at some point, establishing a level of credibility in underground forums.
Second, reputation building plays a role. Data leak forums thrive on visibility, and clout is considered a form of currency. By claiming responsibility for a government website compromise, even if the data is old, the attacker can attract attention and bolster their profile.
In this case, the poster behind the Santa Fe County leak appears to be a new or relatively unknown actor, which makes reputation-building a likely motivation.
Broader Context of Government Website Threats
While this specific case appears to involve outdated material, it highlights the persistent threat to local government websites. These sites often host citizen services, public records, and administrative tools. Attackers, even when using old or recycled data, can cause concern among residents and disrupt trust in government digital platforms.
Enterprises and public-sector organizations monitoring this development should be aware that outdated system information, old source code, or archived credentials can still hold intelligence value for attackers. Even if a claim turns out to be exaggerated, it may serve as a precursor to more targeted attempts against modern infrastructure.
