Access to two databases for identifying people affected by Covid-19 in Brazil was published on GitHub in November. A data leak that is of concern as several governments around the world have put in place similar controversial information collection systems for Covid-19.
Nobody in Brazil is spared from the leak
The medical records of 16 million Brazilians living in the 27 Brazilian states have been leaked, including those of President Jair Bolsonaro, members of his family, 7 of his ministers and 17 Brazilian governors. This is the incredible toll of a large-scale data breach in Brazil.
In the same category
The FBI accuses six Russian hackers of being behind MacronLeaks
Simple human error or will to do harm, says the article in the Estadao newspaper, which is passed on by ZDnet, does not. The only certainty is a hospital employee, likely from the Albert Einstein Hospital in Sao Paulo, who uploaded a spreadsheet to GitHub in November. Usernames, passwords and access keys to sensitive government networks could be found on this sheet.
The accesses include the E-SUS-VE and Sivep-Gripe databases. They each contain information about people who are lightly affected by Covid-19, as well as information about patients hospitalized for Covid-19 in Brazil. Some of the data is particularly sensitive, e.g. B. People’s medication regimen, medical history, and records.
The databases to be backed up
The database was discovered by a GitHub user who shared the information with one of the largest Brazilian media outlets, Estadao. After a few checks, the journalists notified the Brazilian Ministry of Health.
The file was removed from GitHub, and officials immediately set about changing passwords and revoking database keys to keep them secure. At this time, it is difficult to know if someone with malicious intent managed to access the information before the file was removed.