Website claims leaked data of millions of Brazilians in 2021 continues to circulate

The 2021 mega-leak that exposed data on the entire Brazilian population is likely still ongoing. Information on the internet includes the full names, date of birth, gender and CPF of 223 million people..

According to website cyber news, personal information was on Elasticsearch. Elasticsearch is a search engine for use cases in log analytics, full-text search, security intelligence, and more. Roughly speaking, it is a kind of Google for big data searches.

The new leak or leak was on a public instance of Elasticsearch; anyone (including malicious actors) can query. The information was not linked to any company or organization, so it was not possible to analyze the source of the leak.

Despite the new exhibition database is no longer publicly available. HE cyber news released the report last Monday (09) but did not disclose the exact dates for which Brazilians’ data was available.

Once on the internet, always on the internet

For those who don’t remember, In January 2021, cybersecurity company PSafe’s dfndr lab revealed a major leak affecting 223 million Brazilians – a figure that shows that even people who are already dead are affected, as Brazil’s population reached 214 million that year.

The case was one of the worst in recent history and revealed serious vulnerabilities in the cybersecurity systems of public and private institutions in the country. And since the number of Brazilians affected in 2021 is exactly the same as the case reported by Cybernews, it is possible to imagine that the latest story is a broadcast..

And all that can be said is Once data is leaked to the internet it will always be on the internet. It doesn’t matter if they’re floating around on dark web forums, repositories like Elasticsearch, or even sold in cybercriminal groups on Telegram.

Be careful

It is important to say: Just because your data is already on the internet doesn’t mean you shouldn’t worry about it.. It is important to know that you can fall victim to many types of scams at any time.

While full name, CPF, gender and other information are readily available, criminals can use this data to engage in social engineering scams.

Armed with all this information about a person, Scammers may persuade victims to authorize financial transactions or even transmit a password via a phone call.For example.

Personal data can also be used to commit fraud, purchase products or services on behalf of victims, purchase phone lines, and much more.

In other words, exposure remains great. Therefore, here are some tips to avoid falling victim to online and offline scams:

• Pay attention to your privacy settings on all your devices;
• Update software frequently;
• Create strong passwords;
• Don’t click on suspicious links;
• Don’t use unsecured Wi-Fi networks;
• Enable two-step authentication;
• Do not transmit passwords or other sensitive data to representatives by phone, WhatsApp or other means.