Comments: Details Of 92 Million Brazilians Auctioned On Underground Forums

By   ISBuzz Team
Writer , Information Security Buzz | Oct 07, 2019 01:49 am PST

Someone is auctioning on underground forums a database allegedly containing personal information of 92 million Brazilian citizens. They claim that every record is real and unique.The seller also advertises a search service focused on Brazilians, saying that they can dig up details about an individual starting from minimum initial data.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Paul Edon
Paul Edon , Senior Director (EMEA)
October 7, 2019 11:11 am

There is a trend that can be seen across both the public and the private sector. Typically, security spend has been associated with maintaining regulatory compliance. If that budget can be minimized and compliance can be achieved, the business can continue operating. As we have seen, there have been many high profile data breaches that have had serious financial implications to the affected organizations who met their regulatory compliance objectives.

The potential exposure of such a large database of data is worrying, and shows that cybercriminals are becoming more and more motivated by the potential monetary gain of selling personal identifiable information – which has become a kind of currency on the dark market. Organisations and governmental bodies need to consider going above and beyond the security measures recommended as standard practice, or they will find themselves unprepared. When retaining this kind of data it is critical to choose an encryption solution that not only protects the database instances but also provides protection for data in transit and at rest.

Last edited 4 years ago by Paul Edon
Corin Imai
Corin Imai , Senior Security Advisor
October 7, 2019 11:07 am

The potential exposure of 92 million records of Brazilian citizens is the latest in a long line of high profile data breaches targeted at public institutions, and proves our current data protection model is woefully inadequate. Data breaches happen daily, in too many places at once to keep count – and cybercriminals aren’t likely to let up anytime soon. Organizations – public and private – need to become smarter at protecting data to mitigate the risk to their customers and their own companies. New resources will need to be allocated to the IT and security teams in the form of additional, well-trained cybersecurity staff and the right detection and threat intelligence technology in place.

Last edited 4 years ago by Corin Imai

Recent Posts

Would love your thoughts, please comment.x