On Tuesday morning (19), the dfndr lab, PSafe’s cybersecurity laboratory, reported a huge leak in a Brazilian database that may have exposed the CPF number and other confidential information of millions of people.
According to the experts, who use artificial intelligence techniques to identify malicious links and fake news, the leaked data contains detailed information on 104 million vehicles and about 40 million companies, potentially vulnerable to 220 million people.
The information contained in the compromised database includes the name, date of birth and CPF of almost all Brazilians, including authorities. In a press release, the director of the dfndr lab, Emilio Simoni, explained that the biggest risk is that this data will be used in phishing scams, in which a person is induced to provide more personal information on a fake page.
The destination of the leaked information
Information on the more than 104 million vehicles reveals important details, such as chassis number, license plate, municipality, color, make, model, year of manufacture, engine capacity and even the type of fuel used. In the case of legal entities, the following were leaked: CNPJ, corporate name, trade name and date of foundation.
Simoni also clarifies that, since they are precious information for the market, it is assumed that they are traded illegally in some dark web forum. While part of the bases is made available for testing, he says, cybercriminals sell “the most in-depth data, such as e-mails, phones, purchasing power data and occupation of affected people”.
In the statement, PSafe does not inform either the name of the company involved or how the information was leaked, whether it was due to a security breach, hacker invasion or easy access. The new Data Protection Security Law provides for fines that can reach R $ 50 million for an infraction of this type.
TecMundo discount coupons: