The personal and health details of more than 16 million Brazilian COVID-19 patients, including Government representatives, have been exposed online.
Personal and health details of more than 16 million Brazilian COVID-19 patients has been accidentally exposed online due to an error of an employee of a Brazilian hospital.
An employee of Albert Einstein Hospital in Sao Paolo has uploaded a spreadsheet containing usernames, passwords, and access keys to sensitive government systems on GitHub.
The spreadsheet contained the login credentials for several systems, including the E-SUS-VE and Sivep-Gripe applications that are used to manage data on COVID-19 patients.
The archive includes data belonging to government representatives, including Brazil President Jair Bolsonaro, seven ministers, and 17 provincial governors.
The exposed data includes patient names, addresses, ID information, but also healthcare records such as medical history and medication regimes.
The data leak was discovered by a GitHub user who found the spreadsheet containing the credentials on the GitHub account associated with the hospital employee.
The user shared his discovery with the Brazilian newspaper Estadao, which notified the Brazilian Ministry of Health and the hospital.
The spreadsheet was promptly removed from GitHub and the passwords and the access keys for the systems were changed.
(SecurityAffairs – hacking, COVID-19)
Share On
Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at “Cyber Defense Magazine”, Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog “Security Affairs” recently named a Top National Security Resource for US. Pierluigi is a member of the “The Hacker News” team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books “The Deep Dark Web” and “Digital Virtual Currency and Bitcoin”.
The personal and health details of more than 16 million Brazilian COVID-19 patients, including Government representatives, have been exposed online.
Personal and health details of more than 16 million Brazilian COVID-19 patients has been accidentally exposed online due to an error of an employee of a Brazilian hospital.
An employee of Albert Einstein Hospital in Sao Paolo has uploaded a spreadsheet containing usernames, passwords, and access keys to sensitive government systems on GitHub.
The spreadsheet contained the login credentials for several systems, including the E-SUS-VE and Sivep-Gripe applications that are used to manage data on COVID-19 patients.
The archive includes data belonging to government representatives, including Brazil President Jair Bolsonaro, seven ministers, and 17 provincial governors.
The exposed data includes patient names, addresses, ID information, but also healthcare records such as medical history and medication regimes.
The data leak was discovered by a GitHub user who found the spreadsheet containing the credentials on the GitHub account associated with the hospital employee.
The user shared his discovery with the Brazilian newspaper Estadao, which notified the Brazilian Ministry of Health and the hospital.
The spreadsheet was promptly removed from GitHub and the passwords and the access keys for the systems were changed.
(SecurityAffairs – hacking, COVID-19)