223 million citizens are at risk of becoming victims of multiple hacks.
A Cybernews study revealed a publicly available Elasticsearch instance containing a huge amount of personal data from Brazilians.
Elasticsearch is a tool widely used for searching, analyzing, and visualizing large amounts of data. The data leak was not related to a specific company or organization, which made it difficult to determine the source of the leak.
The cloud server hosted a cluster containing data with full names, dates of birth, gender, and CPF numbers (Cadastro de Pessoas Físicas) — an 11-digit identifier for taxpayers in Brazil.
Total number of leaked records (left) and sample citizen data leak (right)
More than 223 million records were found in the leaked data, suggesting that the leak could have affected the entire population of Brazil. Although the data is no longer publicly available, it may have fallen into the hands of attackers who may have used the information for identity theft, fraud, and targeted cybercrime. Such actions can lead to financial losses, account hacks, and other serious consequences for those affected. The scale of the leak increases the potential damage from its use.
In December, cable TV and Internet service provider Xfinity (a division of Comcast Corp) reported a cyberattack on its systems that occurred in October. Xfinity revealed that the attackers managed to exfiltrate the data of 35,879,455 people.
A Cybernews study revealed a publicly available Elasticsearch instance containing a huge amount of personal data from Brazilians.
Elasticsearch is a tool widely used for searching, analyzing, and visualizing large amounts of data. The data leak was not related to a specific company or organization, which made it difficult to determine the source of the leak.
The cloud server hosted a cluster containing data with full names, dates of birth, gender, and CPF numbers (Cadastro de Pessoas Físicas) — an 11-digit identifier for taxpayers in Brazil.
Total number of leaked records (left) and sample citizen data leak (right)
More than 223 million records were found in the leaked data, suggesting that the leak could have affected the entire population of Brazil. Although the data is no longer publicly available, it may have fallen into the hands of attackers who may have used the information for identity theft, fraud, and targeted cybercrime. Such actions can lead to financial losses, account hacks, and other serious consequences for those affected. The scale of the leak increases the potential damage from its use.
In December, cable TV and Internet service provider Xfinity (a division of Comcast Corp) reported a cyberattack on its systems that occurred in October. Xfinity revealed that the attackers managed to exfiltrate the data of 35,879,455 people.
