Jump to content

Personal data of 16 million Brazilian COVID-19 patients exposed online

Recommended Posts

Among those affected by the leak are Brazil President Jair Bolsonaro, seven ministers, and 17 provincial governors.




The personal and health information of more than 16 million Brazilian COVID-19 patients has been leaked online after a hospital employee uploaded a spreadsheet with usernames, passwords, and access keys to sensitive government systems on GitHub this month.


Among the systems that had credentials exposed were E-SUS-VE and Sivep-Gripe, two government databases used to store data on COVID-19 patients.


E-SUS-VE was used for recording COVID-19 patients with mild symptoms, while Sivep-Gripe was used to keep track of hospitalized cases.


The two databases contained sensitive details such as patient names, addresses, ID information, but also healthcare records such as medical history and medication regimes.


The leak came to light after a GitHub user spotted the spreadsheet containing the passwords on the personal GitHub account of an employee of the Albert Einstein Hospital in the city of Sao Paolo.


The user later notified Brazilian newspaper Estadao, which analyzed the data and notified the hospital and the Brazilian Ministry of Health.


Estadao reporters said that data for Brazilians across all 27 states was included in the two databases, including high profile figures like the country's president Jair Bolsonaro, the president's family, seven government ministers, and the governors of 17 Brazilian states.



The spreadsheet was ultimately removed from GitHub while government officials changed passwords and revoked access keys to resecure their systems.


Since the onset of the COVID-19 pandemic, several governments and government contractors have had problems securing their COVID-19-related apps and databases.


Vulnerabilities and leaks were discovered in COVID-19 apps and systems used in Germany [12], WalesNew ZealandIndia, and others.


According to research published by Intertrust this September, around 85% of COVID-19 contact tracing apps leak data in one way or another.



Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...