Brazil's health agency has suffered what is arguably the worst data-exposure in world history, losing 243m+ records in a country of 211m people (the excess represents dead peoples' records).
For more than six months, the HTML for the website for the Sistema Único de Saúde included the login and password to access the database as an administrator; the credentials were obscured through Base 64 encoding, a trivially detected measure that is just as easy to bypass.
Included in the breach are many officials, including the Brazilian dictator Jair Bolsonaro and his junta.
The insecure systems were built by an IT contractor called Zello (formerly MBI Mobi), which has billed the Brazilian state $8.5m since 2017.
The vulnerabilities were discovered by the NGO Open Knowledge Brasil, who sounded the alarm. The breach puts every Brazilian at risk of identity theft and many other forms of cyberattack.
Mamot.fr est une serveur Mastodon francophone, géré par La Quadrature du Net.