
ID Numbers for 120 Million Brazilians taxpayers exposed online


InfoArmor discovered a misconfigured server online that contained taxpayer identification numbers for 120 million Brazilian taxpayers

In March 2018, security experts at InfoArmor discovered a misconfigured server online that contained taxpayer identification numbers, or Cadastro de Pessoas Físicas (CPFs), for 120 million Brazilian nationals. It is not clear how long the data remained exposed online or who accessed it.

Every Brazilian national is assigned a taxpayer identification number that allows them to perform ordinary operations, such as opening a bank account, paying taxes, or getting a loan.

Experts discovered the file index.html_bkp on the Apache server (likely a backup of the index.html), which meant the web server displayed a listing of the files and folders stored in that directory and let anyone download them.
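As an added illustration (not the exposed server's actual configuration, which the report does not show), the Apache httpd setting behind this kind of exposure and its fix: when a directory has no index file and `Options Indexes` is in effect, mod_autoindex renders a browsable file listing. The paths and patterns below are assumed placeholders.

```apache
# Added example, not from the original article or from the exposed server.
# /var/www/backups is an assumed placeholder path.

# --- Weak: the only index file present is index.html_bkp, which Apache does
# not treat as an index, and Indexes is enabled, so mod_autoindex serves a
# listing of every file in the directory to any visitor.
<Directory "/var/www/backups">
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

# --- Hardened: listings disabled for the whole web root. A directory with no
# index file now returns 403 Forbidden instead of a file list.
<Directory "/var/www">
    Options -Indexes +FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

# Refuse backup and database artifacts by name so a stray copy is not served
# even to a client that guesses the filename. Pattern is an assumed example.
<FilesMatch "(\.(sql|bak|old|orig)|_bkp)$">
    Require all denied
</FilesMatch>
```

After applying the change, run `apachectl configtest` and reload; a request for the directory should then appear in the access log with status 403 rather than 200. Disabling listings only hides filenames, so database dumps and backups still belong outside the web root entirely.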

The folder included data archives ranging in size from 27 megabytes to 82 gigabytes.

Experts at InfoArmor discovered that one of the archives contained data related to Cadastro de Pessoas Físicas (CPFs), personal information, military info, telephone numbers, loans, and addresses.

“CPFs are an identification number issued by the Brazilian Federal Reserve to Brazilian citizens and tax-paying resident aliens, and each exposed CPF linked to an individual’s banks, loans, repayments, credit and debit history, voting history, full name, emails, residential addresses, phone numbers, date of birth, family contacts, employment, voting registration numbers, contract numbers, and contract amounts.” reads the report published by InfoArmor.


Experts believe that the directory was used to store database backups. While InfoArmor was attempting to report the discovery to the owner of the database, someone replaced the 82 GB file with a raw 25 GB .sql file.

“In the days following the initial discovery, InfoArmor’s research team attempted to determine who owned the server so they could be notified. During this time, InfoArmor observed that one of the files, an 82 GB file, had been replaced by a raw .sql file 25 GB in size, though its filename remained the same.” continues the report.

“This swap suggests a human intervened. It is possible that a server administrator had discovered the leak; however, the server remained unsecured for weeks after this swap.”

InfoArmor was eventually able to contact the hosting provider, which secured the directory by the end of March.

One question remains unanswered: why was this kind of data exposed on a third-party server?

“It is safe to assume that any intelligence organization or cybercrime group with reasonable collection capabilities and expertise will have captured this data. This data could very likely be used against the population of Brazil, the nation of Brazil, or any nations hosting people who have a CPF.” concludes InfoArmor.

Pierluigi Paganini

(Security Affairs – Brazilian Taxpayers, data leak)