Crystal Vault V2

Exposed Credentials Report — Venezuelan Government Infrastructure

Updated: February 22, 2026 | 38+ organizations | 30 credential sets | 245 evidence files (167 MB) | All confirmed LIVE

Credential Sets

38+

Orgs Affected

Internal IPs

Source Repos

2,500+

PII Records

167 MB

Raw Evidence

Contents

1. Database Credentials — Remote (.env / Docker) — 12 sets
2. Database Credentials — Source Code (.git dumps) — 14 sets
3. Keys, Tokens & Secrets — SMTP, SFTP, RSA, Telegram, API keys
4. Database Dumps & Backups — 150 MB HIDROVEN, SIGESP
5. PII & Personal Data — bank accounts, payroll, photos
6. Election Infrastructure — GraphQL API, vote module
7. Internal Network Map — 15 IPs across 10+ orgs
8. Git Repository Exposures — 28 domains, 18 still live
9. Laravel APP_KEYs — 6 unique (RCE/session forging)
10. LIVE-DUMPS Evidence Archive — 245 files, 167 MB
11. Complete Credential Summary Table — all 30 sets
12. Password Reuse Patterns
13. Affected Organizations — 38+ entities
Glossary & Organization Reference

1. Database Credentials — Remote Scanning (.env / Docker)

12 unique credential sets recovered from publicly accessible .env and docker-compose.yml files. No authentication required — direct browser download.

#	Type	Host	Database	User	Password	Source	Status
1	PostgreSQL	bd-srud-des.ovs.gob.ve:5432	registro_denuncias	srud	12345678	OVS .env (6 subdomains)	1/4 LIVE
2	PostgreSQL	172.16.100.146:5432	siesec2	siesec	12345678	OVS siesec2 .env	LIVE
3	PostgreSQL	172.16.100.130:5432	cupaz	cupaz	Cup4z00	OVS .env (commented)	LIVE
4	MySQL	localhost:3306	emprendedor	administrador	AdmiN*1512#	emprende.alcaldiadeindependencia .env	LIVE
5	MySQL	localhost:3306	laravel	root	(empty)	rrhh.alcaldiadeindependencia .env	LIVE
6	MySQL	127.0.0.1:3306	bolivar_pagina	bolivar_pagina	V5YmcyF74LWILj4k	peb.e-bolivar .env	LIVE
7	Oracle	172.20.80.11:1521	SIMA	SIMA124	1201A0	peb.e-bolivar .env	LIVE
8	MySQL	database:3306	mop	root	password	mppop.gob.ve docker-compose	LIVE
9	MySQL	mysql:3306	yii2advanced	yii2advanced	secret	fonbe.gob.ve docker-compose	2/3 LIVE
10	PostgreSQL	172.16.0.10:5432	sistemas_ipasme	postgres	123456	consulta.ipasme .env	LIVE
11	MySQL	127.0.0.1:3306	aseo	sistema	AdmiN*1512#	siremi.alcaldiadeindependencia .env	LIVE
12	MySQL	127.0.0.1:3306	incretgo_db2	incretgo_conexion	Otit3cn0l0g1424oti	incret.gob.ve .env +SMTP	LIVE

Notable: IPASME (#10) — Teacher Social Security

Postgres superuser with password 123456 managing pensions, savings, and benefits for ALL education workers in Venezuela. Three database aliases (DB, AFILIADOAHORROS, COMUNES) all point to the same sistemas_ipasme database on internal 172.16.0.10.

Notable: INCRET (#12) — Database + SMTP Same Password SMTP

Password Oti*t3cn0l0g1424*oti reused for BOTH MySQL database AND the SMTP mail account [email protected] on mail.incret.gob.ve:465. Enables sending emails as a government agency.

2. Database Credentials — Source Code (.git Dumps)

18 additional credential sets extracted from 7 reconstructed source code repositories. PHP source code is invisible via normal HTTP (server executes it), but exposed .git/ directories allow full source recovery.

#	Type	Host	Database	User	Password	Source
13	PostgreSQL	172.31.8.44:5432	mpptop_2017	nomina	n0m1n4	SIGESP covensol_config.php
14	PostgreSQL	172.31.8.44:5432	mpptop_2016_nomina	nomina	n0m1n4	SIGESP covensol_config.php
15	PostgreSQL	172.31.8.93:5432	sigesp_vyc	sigesp	s1g3sp	SIGESP covensol_config.php
16	PostgreSQL	172.31.8.44:5432	induccion_2016_nomina	nomina	n0m1n4	SIGESP covensol_config.php
17	PostgreSQL	localhost:5432	db_vycsucre_*	postgres	vycsucreadmin	SIGESP covensol_config.php
18	PostgreSQL	ec2-52-7-159-155:5432	d1haaqhp97miae	ztyeqxnzxedboc	979d9069...65fa1e	MINMUJER database.php (AWS RDS)
19	PostgreSQL	localhost	fasac	postgres	123456	MINMUJER database.php (legacy)
20	MySQL	localhost	fasarc	root	(empty)	MINMUJER database.php (legacy)
21	MySQL	127.0.0.1:3306	siremi	sistema	AdmiN*1512#	SIREMI database.php
22	MySQL	localhost	sbtebpav_minagua_db	sbtebpav_minaguas_user	Minaguasroot#	HIDROVEN Conexion.php
23	MySQL	localhost	sima_db	root	xsM6U1teIzPGP6g	HIDROVEN Conexion.php
24	MySQL	localhost	minagua_db	root	(empty)	HIDROVEN Conexion.php (dev)
25	PostgreSQL	localhost:5432	db_chamba_produccion	postgres	OUUO5bHo...raI0= (enc)	Chamba Juvenil database.php
26	PostgreSQL	localhost:5432	db_pcj_17052019	postgres	OUUO5bHo...raI0= (enc)	Chamba Juvenil database.php
27	SFTP	190.202.144.60:1022	—	chamba	1s0p0rt3++	Chamba Juvenil sftp.json
28	SMTP	mail.incret.gob.ve:465	—	[email protected]	Otit3cn0l0g1424oti	INCRET .env (same as DB #12)
29	Telegram	—	—	Bot 8534453577	AAHrCe_QOQRLK_nToS0pb4f5Y4ba5zBSJBQ	Chamba Juvenil config.php
30	Telegram	—	—	Bot 7265564977	AAHJcYuxTQX7coz-qatLEd9j5Ai1RLDv_fY	Chamba Juvenil BotController.php

3. Keys, Tokens & Secrets

Type	Value	Source	Impact
RSA KEY	Full 2048-bit PKCS#8 private key	Chamba Juvenil `registrochamba.key`	Decrypt traffic, impersonate services
SMTP	`[email protected]` / Otit3cn0l0g1424oti	incret.gob.ve .env	Send emails as government agency
SFTP	`190.202.144.60:1022` / chamba / 1s0p0rt3++	Chamba Juvenil sftp.json	Direct file system access to production server
TELEGRAM	`8534453577:AAHrCe_QOQRLK_nToS0pb4f5Y4ba5zBSJBQ`	Chamba Juvenil config.php	Control government notification bot
TELEGRAM	`7265564977:AAHJcYuxTQX7coz-qatLEd9j5Ai1RLDv_fY`	Chamba Juvenil JS + BotController	Control secondary bot (chat IDs: 830259515, 6021886971)
API KEY	`38db809be13a400c8c5061e304ba99cd`	HIDROVEN mapas_estatus.php	Thunderforest Maps API access
HTPASSWD	`carnetizacion:$apr1$t5G51mJ9$s.F3jKcudPJnlFq5zxrYD.`	carnet.guarico.gob.ve/.htpasswd	APR1 hash — crackable (hashcat mode 1600)
LDAP	`172.31.8.51` / `dc=mtt,dc=gob,dc=ve`	SIGESP covensol_config.php	Active Directory for entire MTT domain

4. Database Dumps & Backups

HIDROVEN — 14 SQL Dumps (150 MB total)

ALL directly downloadable via HTTP from sima.hidroven.gob.ve/sql/. National water utility production data spanning 15 months.

File	Size	Date	Contents
respaldo_2025-06-05.sql	104 MB	Jun 5, 2025	NEWEST full production backup
respaldo_2025-06-02_16-12-22.zip	14 MB	Jun 2, 2025	Compressed backup
respaldo_2024-11-11.sql	4.3 MB	Nov 2024	Monthly backup
respaldo_2024-04-09.sql	4.3 MB	Apr 2024	Monthly backup
respaldo_2024-04-04_19.sql	3.9 MB	Apr 2024	Monthly backup
respaldo_2024-04-04_03.sql	3.4 MB	Apr 2024	Monthly backup
respaldo_2024-03-28.sql	3.4 MB	Mar 2024	Monthly backup
Mimagua_FullDATA.sql	4.2 MB	—	Full reservoir inventory + coordinates + personnel
DATABASE_minaguas_FULL.sql	4.2 MB	—	Full dataset (duplicate)
Minagua_10_embalses_data.sql	3.4 MB	—	10 reservoir operational data
minaguas_data_2023_y_2024.sql	871 KB	—	2023-2024 reservoir data
minaguas_data_2023.sql	696 KB	—	2023 reservoir data
minagua_db.sql	52 KB	—	Schema + user table (bcrypt hashes, cedulas)
minagua_empty_db.sql	8 KB	—	Empty schema

SIGESP — PostgreSQL Backups + Salary Declarations

File	Size	Contents
dumpdetabladecuentas.backup	9.3 KB	PostgreSQL account table dump
tabladesaldos.backup	410 B	Account balances
Declaracion_Salarios_XML_08-2016.xml	2.7 KB	Aug 2016 salary declaration (RIF numbers)
Declaracion_Salarios_TXT_08-2016.txt	577 B	Salary declaration text format

Evidence: LIVE-DUMPS/hidroven-db/ (14 files, 150 MB) • LIVE-DUMPS/sigesp-dumps/ (5 files, 26 KB)

5. PII & Personal Data (2,500+ records)

SIGESP — Employee Payroll & Bank Accounts (9 files, 2.5 MB)

ALL directly downloadable via HTTP from sigesp.industrias.gob.ve

File	Size	PII Content
txtpersonalnomina.csv	1.1 MB	Cedulas, BANK ACCOUNT NUMBERS, salaries
personal_comunas2.csv	611 KB	Cedulas, names, salaries, BANK ACCOUNT NUMBERS
Personal_Comunas.csv	254 KB	Cedulas, names, dates of birth
nomina.csv	274 KB	Payroll codes and payment amounts
personal_inppj.txt	34 KB	298 INPPJ judicial employee records
personal_nomina_inppj.csv	30 KB	INPPJ payroll + bank account numbers
personal_conviasa.csv	3.7 KB	CONVIASA airline employees + HOME ADDRESSES
personalnomina_conviasa.csv	2.6 KB	CONVIASA payroll + bank accounts
errors.log	197 KB	App error logs with SQL queries

Other PII Sources

Source	Records	Data Types
Chamba Juvenil lista_separada.txt	44	Plaintext cedula numbers
Chamba Juvenil schema	Full DB	Cedulas, names, emails, phones, DOB, GPS, housing, disabilities, social media
HIDROVEN user accounts	3	Emails, cedulas, bcrypt hashes (cost 5 — trivially crackable)
HIDROVEN personnel	~20+	Reservoir operator names, cedulas, phones, emails
Carnet Guarico API	Unlimited	Any citizen by cedula — name, position, department, photo (no auth)
SIREMI schema	Full DB	Cedulas, family groups, children's data, payments
MINMUJER photos	52	Event/attendance photos (still being served)
MINMUJER document scans	123	Government document scans (still being served)
Gravatar hash reversal	1,137	Email addresses de-anonymized from 3,961 hashes across 162 domains
WordPress enumeration	142+	Admin usernames across government sites
Government emails	225+	Official + personal Gmail addresses on gov business
Document metadata	442+	Personnel names from PDF/Office files

Evidence: LIVE-DUMPS/sigesp-pii/ (9 files, 2.5 MB) • LIVE-DUMPS/minmujer/ (175 files, 14 MB) • LIVE-DUMPS/chamba-secrets/ (3 files)

6. Election Infrastructure

CRITICAL PSUV Election Management API — Full GraphQL Introspection

api-psuv-elecciones.guarico.gob.ve — Ruling party election system with full schema exposed

Types: CentroVotacion, Mesa, Employee, ReporteVotacion Mutations: createAdmin, loginEmployee, setVotacion, aperturaCentroVotacion, cierreCentroVotacion Impact: Full voting center management — create admins, record votes, open/close centers Co-hosted: Shares IP 190.205.119.210 with portainer.guarico.gob.ve (Docker/K8s panel)

HIGH Vote Registration Module — Hidden in Youth Employment App

Chamba Juvenil source code contains registro_voto.php, listar_registros_votos.php, Registro_voto.php controller

Title: "ESTRUCTURA DE REGISTRO DEL VOTO" Context: Full vote tracking system embedded within a youth employment registration platform

5 additional GraphQL endpoints with introspection: gitlab.inti.gob.ve, api-asistencia.guarico.gob.ve, api-festividades.guarico.gob.ve, demo-api-sgd.guarico.gob.ve, api-distribucion-gas.guarico.gob.ve

Evidence: LIVE-DUMPS/election-api/ (4 files, 68 KB) — graphql_full_introspection.json, portainer + voter registry HTML

7. Internal Network Map — 15 IPs

IP Address	System	Source
172.16.0.10	IPASME PostgreSQL — teacher social security	.env
172.16.100.146	OVS PostgreSQL (siesec/siesec2)	.env
172.16.100.130	OVS secondary PostgreSQL (cupaz)	.env (commented)
172.20.80.11	Bolivar State Oracle — SIMA water management	.env
172.31.8.44	SIGESP PostgreSQL — payroll databases (MPPTOP)	covensol_config.php
172.31.8.93	SIGESP PostgreSQL — APOYO system (sigesp_vyc)	covensol_config.php
172.31.8.51	SIGESP LDAP — Active Directory (dc=mtt,dc=gob,dc=ve)	covensol_config.php
172.16.0.205	INHRR internal Git server (root SSH)	.git/config
172.17.2.248	FONACIT internal GitLab (root/sidcai)	.git/config
150.188.84.156	Infocentro internal GitLab (dmora/codeigniter)	.git/config
172.31.89.189	VYC Sucre Gitea backend (taken down)	OpenID config
172.16.2.8	FUNDABIT internal API server	.git source
190.202.144.60	Chamba Juvenil SFTP production server (port 1022)	sftp.json
ec2-52-7-159-155	MINMUJER AWS RDS (US-East-1)	database.php
bermudez.cgesucre.gob.ve	CGE Sucre internal Git (SIACE system)	.git/config

8. Git Repository Exposures — 28 Domains

18 of 22 .git/config files still serving as of February 22, 2026. 7 repos fully reconstructed (64,262 files).

Domain	Remote URL	Notes	Status
asistencia.minmujer.gob.ve (+ 5 subs)	git.heroku.com/cementerio.git	Cemetery system on 6 MINMUJER subdomains	LIVE
sigesp.industrias.gob.ve	gitlab.mtt.gob.ve/cmorales/SIGESP-MPPT.git	37K file payroll system	LIVE
sima.hidroven.gob.ve	github.com/jcarri07/minaguas-project.git	Water management	LIVE
registro.chambajuvenil.gob.ve	github.com/jhonatanrojas/registrochamba.git	Youth employment + vote module	LIVE
siremi.alcaldiadeindependencia.gob.ve	github.com/bollanog/siremi.git	Waste management + citizen records	LIVE
carnet.guarico.gob.ve	github.com/InformaticaDGI/carnet-web.git	State ID card system	LIVE
calidad.baer.gob.ve	gitlab.com:biodarks/sigae-auth-front.git	Military auth system	LIVE
siverc.inhrr.gob.ve	[email protected]:root/sivercbackup.git	Epidemiological surveillance, root SSH	LIVE
revecaapi.oncti.gob.ve	controlador.mincyt.gob.ve/oncti/reveca_api.git	Science observatory	LIVE
recibos.tves.gob.ve	[email protected]/desarrolladoresdetves/recibos_actual.git	State TV receipts	LIVE
sistema.fondoefa.gob.ve	gitlab.com/tecnodevelop/saica.git	Armed Forces Education Fund	LIVE
chacao.gob.ve	git.artesanossiglo21.com/revista/chacao.git	credential.helper=store (plaintext passwords)	LIVE
cervante.sarep.gob.ve	github.com/jkhiyami/sarep.git	Registry/notary	LIVE
enunclic.infocentro.gob.ve	controlador.mincyt.gob.ve/servicios-infraestructura/sitio-mantenimiento.git	Infocentro maintenance	LIVE
sgg.mincyt.gob.ve	(same repo as enunclic)	MINCYT	LIVE
infoapp2.infocentro.gob.ve	github.com/JarceloElement/infoapp	Infocentro app (branch: dev)	LIVE
sig.mincyt.gob.ve	controlador.mincyt.gob.ve/desarrollo/sigmincyt.git	GIS/mapping (HTTP, no TLS)	LIVE
registro.fundabit.gob.ve	github.com/relly27/formulario-improv.git	Education IT	LIVE
iaim.baer.gob.ve	gitlab.com (BAER)	Military agroindustrial	DOWN
sidcai.fonacit.gob.ve	http://172.17.2.248/root/sidcai.git	FONACIT, internal IP, root user	DOWN
infovirtual.infocentro.gob.ve	[email protected]:dmora/codeigniter.git	Infocentro, internal IP	DOWN
siace.cgesucre.gob.ve	http://bermudez.cgesucre.gob.ve/siacesucre/siaces.git	CGE Sucre comptroller	DOWN

Evidence: LIVE-DUMPS/git-configs/ (18 files, 29 KB)

9. Laravel APP_KEYs — 6 Unique (RCE / Session Forging)

Key	Scope	Status
`base64:G6lOwhNpWp3spLvoxDq5COBMJmtrYsTNlHjhR1+6nnI=`	OVS (6 subdomains)	2/6 LIVE
`base64:Zs/kTGD0dUQSid7ngUluBzTnRH+5887+jgU4Ib4KMao=`	emprende + siremi .alcaldiadeindependencia (shared!)	LIVE
`base64:3tylXo58E+JBds06/yevWhAjY9q3gN27TBhwH60iHMI=`	rrhh.alcaldiadeindependencia	LIVE
`base64:ipBRf+v/hXurl1H85fY4jvmGRPc4KEKDqsa456OqJjs=`	peb.e-bolivar	LIVE
`w2dfI2xnNIM2cIxL02rlCscgplIiACVe`	consulta.ipasme (non-base64)	LIVE
`base64:DVRtdtLbzXdcAQKEzoUXPqmNlFkvHR24i2WSvQSwAws=`	incret.gob.ve	LIVE

10. LIVE-DUMPS Evidence Archive — 245 Files, 167 MB

Raw evidence files downloaded directly from live servers on February 22, 2026 as proof of exposure.

Directory	Size	Files	Content
hidroven-db/	150 MB	14	SQL database dumps (Mar 2024 → Jun 2025)
sigesp-pii/	2.5 MB	9	CSV payroll, bank accounts, cedulas, CONVIASA
sigesp-dumps/	26 KB	5	PostgreSQL backups, salary declarations (XML/TXT)
election-api/	68 KB	4	GraphQL introspection JSON, Portainer/voter HTML
military/	22 KB	6	.bashrc/.profile/.bash_logout from 2 MINDEFENSA units
env-files/	40 KB	9	Raw .env + docker-compose from live domains
git-configs/	29 KB	18	.git/config files (18 of 22 still serving)
chamba-secrets/	13 KB	3	sftp.json, RSA private key, cedula list
carnet-guarico/	1 KB	1	.htpasswd (APR1 hash)
incret/	4 KB	1	.env with DB + SMTP credentials
minmujer/	14 MB	175	52 photos (7.8 MB) + 123 document scans (6.1 MB)
TOTAL	167 MB	245	Raw proof from live government servers

11. Complete Credential Summary — 30 Unique Sets

See tables in Section 1 (remote, #1-12) and Section 2 (source code, #13-30) above for the full breakdown.

12. Password Reuse Patterns

Password	Used By	Count
12345678	OVS srud-des, OVS siesec2	2
123456	IPASME postgres superuser, MINMUJER legacy	2
AdmiN*1512#	Alcaldia Emprende, SIREMI .env, SIREMI source code — 3 systems, same password	3
(empty)	Alcaldia RRHH, MINMUJER legacy, HIDROVEN dev	3
password	MPPOP WordPress	1
n0m1n4	SIGESP payroll (x3 databases on 172.31.8.44)	3
secret / verysecret	FONBE sistema1, FONBE sitreceal	2
Otit3cn0l0g1424oti	INCRET MySQL DB + INCRET SMTP mail — same password for both	2

13. Affected Organizations — 38+

Category	Organizations
National Ministries	MPPOP (Public Works), MINAAMP (Agriculture), MINMUJER (Women), MINCYT (Science/Tech), INDUSTRIAS (Industries), MINDEFENSA (Defense — 2 units: OIDIFANB, VICEDUFANB)
National Agencies	OVS, ONCTI, INHRR, HIDROVEN, FUNDABIT, CHAMBA JUVENIL, SAREP, IPASME, INFOCENTRO, FONACIT, IVIC, TVES, FONDOEFA, TIFM, INCRET, CONVIASA (airline — employee PII exposed), INPPJ (judicial — 298 employee records)
Military	BAER (Army Agroindustrial Brigade), MINDEFENSA (2 exposed .bashrc — web root = home dir)
Financial	FONBE (Welfare Fund), FONDEMI (Microfinance)
Political	PSUV (ruling party — election API with full GraphQL introspection)
State Govts	Bolivar, Guarico, Sucre, Aragua
Municipal Govts	Independencia (Caracas metro), Heres (Bolivar capital), Chacao (wealthiest Caracas district), Los Salias, Atures

Glossary & Organization Reference

Technical Terms

Term	Definition
.env file	Environment configuration file used by Laravel/PHP frameworks. Contains database passwords, API keys, and application secrets in plaintext. Should never be web-accessible.
.git directory	Version control metadata folder. When exposed on a web server, allows complete reconstruction of source code including all file history.
APP_KEY	Laravel framework encryption key. If leaked, enables Remote Code Execution (RCE) via crafted session cookies and session forging to impersonate any user.
.htpasswd	Apache HTTP server password file. Contains username and hashed password for HTTP Basic Authentication. APR1 hashes are crackable with hashcat.
GraphQL Introspection	A feature that exposes the full API schema (types, queries, mutations). When enabled on production systems, reveals all available operations including admin functions.
SFTP	SSH File Transfer Protocol. Credentials for SFTP provide direct filesystem access to the remote server.
SMTP	Simple Mail Transfer Protocol. SMTP credentials enable sending emails from the associated email address — in this case, a government notification account.
LDAP	Lightweight Directory Access Protocol. Used for centralized authentication (Active Directory). An exposed LDAP server handles login for an entire organization's domain.
Bcrypt cost factor	The computational cost of bcrypt password hashing. Cost 5 is trivially fast to brute-force; OWASP recommends minimum cost 10.
SQL Injection	A vulnerability where user input is inserted directly into SQL queries without sanitization, allowing attackers to read, modify, or delete database contents.
CORS wildcard	Setting `Access-Control-Allow-Origin: *` allows any website to make authenticated requests to the server, enabling cross-site data theft.
Gravatar hash	WordPress stores email addresses as MD5/SHA256 hashes via Gravatar. These can be reversed to recover the original email address through pattern-based brute-force.

Venezuelan Government Organizations

Abbreviation	Spanish Name	English Name	Function
MPPOP	Ministerio del Poder Popular para las Obras Públicas	Ministry of Public Works	National infrastructure — roads, bridges, public buildings
MINAAMP	Ministerio del Poder Popular para la Agricultura Urbana	Ministry of Urban Agriculture	Urban farming and food sovereignty programs
MINMUJER	Ministerio del Poder Popular para la Mujer	Ministry for Women	Women's social programs, gender policy
MINCYT	Ministerio del Poder Popular para Ciencia y Tecnología	Ministry of Science & Technology	Research funding, technology policy
INDUSTRIAS	Ministerio del Poder Popular para Industrias	Ministry of Industries	Manufacturing, state factories, SIGESP financial system
MINDEFENSA	Ministerio del Poder Popular para la Defensa	Ministry of Defense	Military — 2 units exposed (OIDIFANB, VICEDUFANB)
OVS	Oficina de Vigilancia Sanitaria	Sanitary Surveillance Office	Food safety, pharma, medical device regulation
HIDROVEN	Hidrología de Venezuela, C.A.	National Water Utility	Water treatment, dams, aqueducts — critical infrastructure
IPASME	Instituto de Previsión y Asistencia Social del Min. Educación	Teacher Social Security Institute	Pensions, savings, benefits for all education workers
INCRET	Instituto Nacional de Capacitación y Recreación de los Trabajadores	National Worker Recreation Institute	Recreational facilities and worker training
CHAMBA JUVENIL	Plan Chamba Juvenil	Youth Employment Plan	Government youth jobs program (ages 15-35)
CONVIASA	Consorcio Venezolano de Industrias Aeronáuticas y Servicios Aéreos	Venezuelan National Airline	State airline — employee PII + home addresses exposed
INPPJ	Instituto Nacional de Previsión del Personal Judicial	Judicial Personnel Institute	Judicial system employee benefits — 298 records + bank accounts exposed
BAER	Brigada Agroindustrial del Ejército Revolucionario	Army Agroindustrial Brigade	Military farming and food production
SAREP	Servicio Autónomo de Registros y Notarías	Registry & Notary Service	Birth/death certificates, property titles, legal documents
FONBE	Fondo Nacional de Bienestar y Educación	National Welfare & Education Fund	Social welfare and education funding
FONDEMI	Fondo de Desarrollo Microfinanciero	Microfinance Development Fund	Small loans and microfinancing
PSUV	Partido Socialista Unido de Venezuela	United Socialist Party of Venezuela	Ruling party — election management API exposed
SIGESP	Sistema Integrado de Gestión y Control de las Finanzas Públicas	Integrated Public Finance Management System	Government-wide financial/payroll system
SIMA	Sistema Integral de Manejo de Aguas	Integrated Water Management System	HIDROVEN's operational water/reservoir management platform

Venezuelan Terms

Term	Meaning
Cédula	Venezuelan national identity number (like SSN). Format: V-12345678. Used for all government services, banking, voting.
RIF	Registro de Información Fiscal — Tax identification number for individuals and businesses.
Alcaldía	Municipal government / mayor's office.
Gobernación	State government / governor's office.
Parroquia	Parish — smallest administrative division within a municipality.
Nómina	Payroll.
Embalse	Reservoir / dam.