Colombian hacking scandal: Who hacked who?

Andrés Fernando Sepúlveda, Colombian hacking scandal
Andrés Fernando Sepúlveda being led away from the Supreme Court.

A Colombian hacking scandal which shook the political establishment to its core following the last presidential election in 2014 has re-surfaced and may bring with it a series of aftershocks.

The case, involving hacker Andrés Fernando Sepúlveda and Centro Democrático presidential candidate Óscar Iván Zuluaga has dragged through the courts for over two years.

What is now playing out in both the court and the media is an interesting twist to a plot that was already a worthy of a top notch thriller. 

Zuluaga, who was actually ahead of President Santos in the first round of the election, went on to lose in the second round a few weeks later. His defeat came after the release of a video showing him discussing tactics with Sepúlveda and proposing ways that they could use illegally obtained information, particularly about the peace process.

Sepúlveda was arrested for spying on the peace negotiations and for hacking the president’s email. At the time, after initially playing down any connections to Sepúlveda, Zuluaga claimed the video had been made illegally and was a trap.

New evidence given to the Supreme Court by Julián Quintana, the former director of the investigative branch of the Fiscalía, suggests that the case against Sepúlveda originally originated from National Intelligence Bureau, implying that the incident had actually been deliberately orchestrated.

He testified that the intelligence bureau had actually planted two other people, a Spaniard called Rafael Revert and Carlos Alba Bayona, known as ‘Charlie’, into Zuluaga’s camp to get evidence against Sepúlveda.

As a result, the Fiscalía has now opened investigations into Álvaro Echandia, former head of the country’s intelligence bureau.

The speculation in the media is now about whether Zuluaga infiltrated Santos’ campaign or the other way around – or whether the intelligence services simply hired their own hackers to spy on the hacker that Zuluaga had hired.

Key characters:

Andrés Fernando Sepúlveda

The computer whizz at the heart of the scandal who two years ago agreed to co-operate with authorities after pleading guilty to espionage and hacking. In a lengthy interview with Bloomberg published earlier this year, he explained in detail how he had helped to rig campaigns for right wing candidates in presidential and other campaigns throughout Latin America by hacking and using spyware to steal information as well as sophisticated misinformation activities.

Carlos Alba Bayona (aka Charlie)

According to transcripts released by Semana, Charlie (whose name has only recently surfaced) was said to be the middleman between the intelligence bureau and Zuluaga’s campaign. Semana published details of meetings and exchanges of information, but it is not clear who Charlie is working for – since the bureau deny that he had anything to do with them.

Rafael Revert

One of two operatives planted by intelligence services who worked as an IT expert for Sepúlveda.

By Emma Newbery


  1. I’m still not clear why people think the scandal might have been orchestrated by Santos. According to Semana, the DNI only got involved after they became aware of the Zuluaga campaign buying classified information: “Para marzo de 2014 Rafael Revert ya estaba trabajando en la oficina del hacker Andrés Sepúlveda. Allí se dio cuenta, entre otras cosas, de que Sepúlveda estaba comprando ilegalmente información clasificada a agentes de inteligencia para atacar al proceso de paz y al presidente Santos. El español le contó eso a un amigo suyo que trabajaba en el Comando General de las Fuerzas Militares y este lo puso en contacto con ‘Charlie’, quien se presentó como agente de la DNI. A partir de ese momento Revert se convirtió en el enlace de inteligencia entre ‘Charlie’ y la campaña de Óscar Iván Zuluaga.” But then for some reason, the DNI denied having any knowledge of “Charlie”, despite overwhelming evidence to the contrary. So why is the DNI running from this? Can they not send someone to infiltrate an organization doing something illegal?


Please enter your comment!
Please enter your name here