Hacker auctioning database containing info on 92m Brazilian citizens


A cyber criminal is claiming to be in possession of a 16GB SQL database that contains personal data of up to 92 million Brazilian citizens. The database is up for auction on various restricted-access underground forums that are frequented by experts in the field.

Information about the auction of the massive database was obtained by Bleeping Computer, which noted that the database may contain a lot of information concerning the entire tax-paying population of Brazil, virtually making it a gold mine for hackers who exploit such databases for purposes such as phishing, credential-stuffing, identity theft, and account takeover.

The auctioneer, using the alias X4Crow, is claiming on restricted underground forums that personal information of Brazilian citizens stored in the database includes names, dates of birth, taxpayer IDs, gender, and mothers' names. Using any one of these parameters, they can look up the information held on a specific person, based on details available in Brazilian national identification documents such as driver's licenses or ID cards.

“The potential exposure of such a large database of data is worrying, and shows that cybercriminals are becoming more and more motivated by the potential monetary gain of selling personal identifiable information – which has become a kind of currency on the dark market,” says Paul Edon, senior director, technical services at Tripwire.

“Organisations and governmental bodies need to consider going above and beyond the security measures recommended as standard practice, or they will find themselves unprepared. When retaining this kind of data it is critical to choose an encryption solution that not only protects the database instances but also provides protection for data in transit and at rest,” he adds.

Stolen Brazilian database contains detailed info about every taxpayer

According to Bleeping Computer, the database could have been stolen from a Brazilian government department and may include additional information such as people’s mobile and landline numbers, email addresses, old addresses, profession, education level, possible relatives, neighbours, license plates, and vehicles, even though all these details may not be available for every Brazilian.

While the entire database is being auctioned with bids starting from $15,000, the cyber criminal auctioning it is also offering other paid services based on data stored in the database. For instance, other hackers can obtain data on any company located in Brazil, and its corporate structure, by paying $150 or a discounted amount.

Corin Imai, senior security advisor at DomainTools, says that with so much data being stolen by hackers on a regular basis, organisations – public and private – need to become smarter at protecting data to mitigate the risk to their customers and their own companies.

“New resources will need to be allocated to the IT and security teams in the form of additional, well-trained cybersecurity staff and the right detection and threat intelligence technology in place,” he adds.

In February this year, over 620 million stolen online accounts were put up for sale on the Dream Market cyber-souk, a Dark Web marketplace that could be accessed using Tor. The accounts contained names, email addresses, and passwords of millions of people from across the globe.

Of these, 162 million accounts were stolen from Dubsmash, 151 million from MyFitnessPal, 92 million from MyHeritage, 41 million from ShareThis, 28 million from HauteLook, 25 million from Animoto, 18 million from Whitepages, 16 million from Fotolog, 11 million from Armor Games, and 8 million from BookMate.

In November last year, Pakistan’s Federal Investigation Agency (FIA) revealed that hackers had managed to breach the servers of as many as twenty-two Pakistani banks and had stolen data from more than 19,000 debit cards. As a result, customer data from almost all Pakistani banks was dumped on the Dark Web. The list of affected banks included Habib Bank Limited, Bank of Punjab, Standard Chartered Bank Limited, United Bank Limited, and Meezan Bank Limited.

Copyright Lyonsdown Limited 2021
