Personal information of 243m Brazilians could be accessed by anyone
Friday, December 4, 2020
Information stored in SUS is used by the Ministry of Health and other government departments to formulate health policies and policies regarding drugs, equipment, immunobiological, and other resources of interest for human health. The system also helps the government offer therapeutic and pharmaceutic assistance to citizens, carry out sanitation and health surveillance, and to formulate and execute the national policy for blood and its derivatives.
Commenting on the massive leak of the personal information of millions of Brazilians, which fortunately was discovered by journalists and not malicious actors, Ilia Kolochenko, the founder & CEO of ImmuniWeb, said many governments tend to outsource software development to the cheapest providers, resulting in sub-optimal quality and security of the code.
"Cybercriminals are perfectly aware of these amazing opportunities and effortlessly harvest the long-hanging fruits. Worse, such incidents and consequential attacks are hard, if not impossible, to detect in a timely manner.
"To prevent such incidents, organizations must do 3 simple things: invest into continuous security training for developers, continuously monitor Internet from leaked source code including resources such as Stack Overflow and not just Code Repositories, and keep in mind that when external software development company provides a price that is too good to be true – it’s likely so," he added. Read Full Article
SiliconANGLE: 243M Brazilian health records exposed by password left in website source code
Threatpost: Cayman Islands Bank Records Exposed in Open Azure Blob