Hacker sells 16 million records of patients diagnosed with COVID-19 after leaking 350,000 patient data from Mexico, Argentina, Colombia and Peru

Information from more than 16 million Brazilian citizens diagnosed with COVID-19, including President Jair Bolsonaro, has been exposed online. Apparently this incident was not the result of a cyberattack, but is due to the carelessness of a health industry employee, who shared on GitHub a spreadsheet containing the keys to access to multiple government systems.

Although the exposed spreadsheet has already been removed from the repository, Brazilian government officials decided to revoke all potentially exposed keys and reset passwords on their computer systems. Despite this report, experts say it is the same hacker who compromised the information of hundreds of thousands of COVID-19 patients in Latin America.

The leak was detected by a GitHub user, who found an unusual document published by Albert Einstein Hospital. Local experts analyzed the spreadsheet, discovering that it contained the passwords to these sensitive systems. Upon discovering what it was about, the user notified the Brazilian Ministry of Health.

The spreadsheet contained access to the Sivep-Gripe and E-SUS-VE systems, a key name for government databases that store COVID-19 patient information. The first of these systems manages the monitoring of hospitalized patients, while the second records patient information with mild symptoms. 

One of the experts who analyzed the exposure ensures that these systems have been exposed for about a month. Among the details committed are:

  • Full names
  • Addresses
  • Phone numbers
  • Taxpayer ID
  • Medical details

As mentioned above, the incident affected multiple Brazilian personalities, including President Bolsonaro and his family, representatives in Congress, some ministers and governors of 17 states. It is still unknown whether any group of threat actors managed to access the compromised information.

Exposure of data from patients diagnosed with coronavirus has become a very common problem. A few weeks ago, specialists at a cybersecurity firm found a cybercriminal selling a database of COVID-19 patients.

Apparently, this hacker was selling 350 thousand records, including full names, phones and addresses of people who have contracted the virus. Security breach incidents are undoubtedly a sign of how vulnerable computer systems are, recalling the more than 80 health companies that have recently been victims of these threats in the United States, Latin America and some European countries.