kelvinsecurity attacks Salvadoran Ministry of Foreign Affairs

Incident Date:

April 1, 2022

World map



kelvinsecurity attacks Salvadoran Ministry of Foreign Affairs


Salvadoran Ministry of Foreign Affairs




Cd Merliot, El Salvador

Cd Merliot, El Salvador

First Reported

April 1, 2022

Ransomware Attack on Salvadoran Ministry of Foreign Affairs

The Salvadoran Ministry of Foreign Affairs has reportedly been targeted by the Kelvinsecurity ransomware group, as indicated by a leak on their dark web site. The ministry operates in the Government sector and is responsible for managing El Salvador's diplomatic relations with other countries.

Victim Profile

The Ministry of Foreign Affairs is a key government agency responsible for representing El Salvador's interests abroad. It is located in Antiguo Cuscatlan, La Libertad, El Salvador C.A. The ministry's website provides information on various diplomatic activities, including recent events such as the laying of the first stone for a new building that will provide attention to foreigners.

Company Size and Industry Standing

The Ministry of Foreign Affairs is a government agency, and as such, its size and industry standing are not typically quantified in the same way as private companies. However, it is a significant player in El Salvador's diplomatic efforts and represents the country's interests on the international stage.


The Salvadoran Ministry of Foreign Affairs, like many government agencies, may face unique challenges in protecting against cyber threats. These challenges can include limited resources, outdated technology, and a lack of specialized cybersecurity expertise. Additionally, the ministry may be targeted due to its role in representing El Salvador's interests abroad, potentially making it a high-value target for threat actors seeking to disrupt diplomatic relations or gain access to sensitive information.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.