Total Tests:

Brazil’s Health Ministry’s Website Data Leak Exposed 243 Million Medical Records for More Than 6 Months

By Alicia Hope for CPO Magazine
Saturday, December 12, 2020

Given the predictable pattern of Brazilian health systems’ data leaks, it seems that the affected systems were developed by a single developer with little cybersecurity knowledge. Besides, any armature software developer knows that website’s code could be viewed from the browser and that Base64 encoding does not hide data from attackers.

Ilia Kolochenko, Founder & CEO of web security company ImmuniWeb, notes that such easily-preventable data leaks originate from the practice of hiring cheap system developers.

“While many organizations tend to outsource software development to the cheapest providers, eventually getting the corresponding quality and security of the code,” Kolochenko says. “Cybercriminals are perfectly aware of these amazing opportunities and effortlessly harvest the long-hanging fruits.”

He adds that the “consequential attacks are hard, if not impossible, to detect in a timely manner.” He advises organizations to invest in developers’ continuous cybersecurity training, consistently monitor the internet for leaked source code, and remember that “when external software development company provides a price that is too good to be true – it’s likely so.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential