Officials deny CI Company Registry hacked

| 18/02/2013

3005965-slide-loophole4all-caymans-certificates2.jpg(CNS): The servers which hold information on the companies registered in the Cayman Islands have not been breached, officials from the Financial Services Ministry stated Monday. Following claims by an Italian artist that he had hacked the government website and collected information on more than 200,000 Cayman Islands companies as part of a protest against offshore tax laws, the government said this was not the case. The Registry of Companies servers have not been compromised, the Registry’s Senior Assistant Registrar Donnell Dixon said, and there has been no interference with the Cayman Islands Online Registry Information Service (CORIS) used to share information between local financial services agents and the Registry.

“Just like any member of the public is able to do, the person who claims to have hacked our servers conducted a search for companies on the Registry’s website,” Dixon said. “‘He then cut and pasted the names of these companies onto a template, in order to create bogus certificates. To the unsuspecting public, these fake certificates appear to be authentic.”

As part of a political art project Paolo Cirio claimed to have ‘grabbed’ or hacked a list of all companies incorporated Cayman and was selling the "identities of those companies at a low cost to democratize  privileges of offshore businesses” as a form of tax resistance on his website, which  instructs visitors to choose from the 200,000 companies and purchase a digital certificate of incorporation and redirect their own tax bills.

However, Dixon pointed out that it’s impossible to obtain the certificate image from the Registry’s website, as the image is not stored on the server.  

"Not storing the image on the server is one of the simpler ways in which we protect data," he said, adding that the Registry’s website features robust security features that prevent information theft.

Print Friendly, PDF & Email

Category: Local News

About the Author ()

Comments (13)

Trackback URL | Comments RSS Feed

  1. Anonymous says:

    Hopefully he will hack the Delaware company register, home of the Vice President. That tax shelter puts Cayman to shame….and gee…it’s ONSHORE!

    Wake up world, we do legitimate business down here. Look at home for your tax cheats…and in case of Italy, look at your politicians.

  2. Kosher Nostra says:

    Truth is dear sir, is that if your citizens paid to Ceasar what is his, Caman would have no space for business.  Stop worrying about the troubles out there and worry about Italy from the inside first!


  3. Anonymous says:

    Worked in the Cayman Islands for four years and have yet to see information security that can be considered robust from government to local businesses. Been to banks and seen ATM's rebooting, showing valuable information. Sounded this concern to my former company and they have yet to take this serious. It is not a matter of IF but WHEN it will happen to Cayman's infrastructure. Businesses beware. Take information security seriously.

  4. Anonymous says:

    Shysters everywhere….even in Italy…….

  5. Anonymous says:

    Cayman Govt. & businesses DO need to be careful about hackers. The amount of Spam & Phishing I get locally plus the global news items of successful hackers against giant corporations shows it CAN happen. Be protected Cayman; keep as much offline & on secure servers as possible.

  6. Sotong says:

    Looking at Mr Cirio's site, all the different certificates seem to be based on the same template – all of them are dated 21st February 2011. The only information that differs from certificate to certificate is the Comany Name and Tax Identification Number.

    Checking the General Registry website and looking at the Search for Companies Information section, Company Names are freely available and in the public domain. If you enter a 'T' for example into the search box it pulls back all company names starting with a 'T'.

    It looks to me like Mr Cirio has harvested all of this publically available data, obtained a template of a certificate (perhaps by registering his own company), and developed his website 'art project' combine the two.

    To be honest this seems like a fairly cynical way for him to make money (dressed up as art or anti-capitalist direct action). It is easy for him to make claims of hacking, in fact I am sure that is great PR for him and his business – but all the information on his site is publically available.

    • Anonymous says:

      Having the template of the certificate with ones company name on it should be scary. Certificates can be used to steal a company’s identity for use in another country. The possibilities are endless. I spoke with Paolo on the phone today and he claimed he would remove my company from his website. Whether he does or not remains to be seen. He also said it was all done for a joke and that he would place a disclaimer stating as such on the website. But, from reading the website, it appears that he is encouraging people to steal the company’s identities for a number of purposes. I realize that the info is public record but the template is not supposed to be public.

  7. Anonymous says:

    Are you kidding me? I checked the website for this hacker and found that I could buy the certificate for my company for US $29.99. Anyone could buy it. And the website wasn’t hacked? Right.

  8. vs says:

    Anyone who does not think that MI5 and the FBI do not have full access to all meaningful data held in Cayman is kidding themselves.  The access to intelligence information is one of the main benefits the UK and US see in having UK associated territories at the heart of the OFC network.  Yes Cayman is riddled with informers and yes a little money talks here and there, but the reality is that electronic monitoring and invasion does the job so much better nowadays and the real task is the data mining back in Gloucestershire and Virginia.

  9. St Peter says: