The alert didn’t come from an official channel, but from a social media post. And yet, it was enough to trigger a reaction at one of the most sensitive nodes in the Mexican port system .
The Manzanillo Port Authority (Asipona) confirmed in a statement that on April 5th it detected a post on social media warning of a potential data breach on the Smart Port for Safety (PIS) platform , the system that coordinates much of the logistics operations at the country’s ports. Following this, security protocols were activated, resulting in temporary disruptions to system access. According to the agency, access has now been restored and the system is operating normally.
The episode, however, is not insignificant. And even less so given the context in which it arises.
So far, Asipona Manzanillo has been the only one of the 18 port authorities coordinated by the Mexican Navy (Semar) to issue a public statement regarding this alleged incident, despite the fact that PIS has a national scope . This silence from the other port authorities creates uncertainty in a platform designed precisely to standardize and centralize operations.
In fact, since the evening of April 5, PIS users nationwide reported receiving an official email requesting them to change their passwords for using this digital platform.
The initial alert was issued by journalist Ignacio Villaseñor, who on April 5th published information in X about an alleged hack of the system. In his message, the journalist stated that a cybercriminal identified as “marssepe”, allegedly linked to the group SOCIEDAD PRIVADA 157 , had released a 39.7 gigabyte file containing records extracted from PIS.
According to the publication, the information contains sensitive data on more than 640,000 port operators , including full name, CURP (Mexican national ID number), RFC (Mexican tax ID number), social security number, blood type, facial photograph, as well as company, position, and port of operation. Villaseñor warns that the exposure of this registry—which is mandatory for operating in port facilities—could escalate from a digital risk to a physical security threat, enabling practices such as identity theft, extortion, or coercion within the logistics chain.
So far, no federal authority has confirmed the veracity of said leak in the terms presented on social media.
What is certain is that Asipona Manzanillo’s response focused on preventative measures . The agency reported that, after detecting the leak, it restricted access to services hosted on its servers, updated user credentials, disabled direct access to databases from external IP addresses, and canceled access in test environments. It also implemented additional tools to prevent unauthorized API requests and strengthened the monitoring of system traffic and URLs.
Beyond the technical aspects, the incident highlights the importance of PIS as critical infrastructure. This system was created in 2021 at Asipona Manzanillo itself with the intention of operating as a one-stop maritime-port window, capable of centralizing, standardizing, and providing traceability to operational, administrative, and revenue collection processes in ports.
According to its logic, all logistics actors—from carriers to customs brokers and operators—must register on the platform to operate, making PIS a repository of highly sensitive information. Currently, the system has 32 modules developed and implemented nationwide.
That level of centralization, which under normal conditions represents efficiency and control, also amplifies the risks when the possibility of a breach arises .
The statement from Asipona Manzanillo insists that the system is operating normally and that constant monitoring is being maintained to prevent incidents. However, the lack of a coordinated national approach in a system that is by definition cross-cutting raises a fundamental question: if the risk is shared, why isn’t the response?
In an industry where digitalization has become the backbone of operations, cybersecurity management is no longer just a technical issue, but a matter of systemic trust. And in this arena, silence speaks volumes .
Comment and follow us on LinkedIn: @Enrique Duarte Rionda / @GrupoT21
