Brazil arrests hacker who allegedly breached National Public Data and Airbus

Federal law enforcement agencies in Brazil have arrested an individual believed to have planned and conducted several high-profile cyber attacks, including the one targeting the National Public Data.

 

In a recent press release, Brazil’s Department of Federal Police said that on October 16, it launched Operation Data Breach to investigate data breaches affecting its internal network as well as those of other international institutions.

 

“A search and seizure warrant and a preventive arrest warrant were served in the city of Belo Horizonte/MG against an investigated person suspected of being responsible for two publications selling Federal Police data, on May 22, 2020 and on February 22, 2022,” police said.

 

“The prisoner boasted of being responsible for several cyber invasions carried out in some countries, claiming, on websites, to have disclosed sensitive data of 80,000 members of InfraGard, a partnership between the Federal Bureau Investigation - FBI and private critical infrastructure entities in the United States of America.”

 

While DFP did not name the suspect, a hacker calling himself USDoD has claimed responsibility for hacking into U.S. background check giant National Public Data and leaking the sensitive personal information of millions of individuals.

 

The hacker also claimed responsibility for breaching TransUnion and stealing a 3 GB database that contained highly sensitive personally identifiable information of around 58,505 individuals worldwide, including in the Americas and Europe.

 

USDoD also claimed responsibility for hacking into European multinational aerospace corporation Airbus and exposing the personal information of 3,200 sensitive Airbus vendors, including contact details such as names, addresses, phone numbers, and email addresses.

 

“In the virtual world, the hacker is known for being a malicious actor responsible for leaking large databases of personal information, including those of companies such as Airbus and the United States Environmental Protection Agency,” DFP said.

 

DFP added that its investigation is still ongoing and it is in the process of identifying “any other cyber intrusions that were committed by the person under investigation.”