Gov.br - Hacked, 3TB of Sensitive Data Downloaded 2022.
The threat actor Everest stole over 3TB of data from the Brazilian government. The data breach included passports, CPF, RG numbers, tax documents and other sensitive personal data.
CPF or Cadastro de Pessoas Físicas (Natural Persons Register) is an 11-digit tax number given to all residents of Brazil. RG or Registro Geral (General Registry) is the official identity document in Brazil.
Employees working for gov.br did not know about the breach !
I checked with some people today and not one of them knew ! So someone is covering this up. Plus the leak was removed from their original leak site and put on a market place for hackers.
Also the latest entry point is: sp.gov.br
The leak was published:2022-09-19-13:31 and the message reads:
For sale access to the gov.br network.
Access to 3 networks, all linked to a gov.br domain .The package is not sold separately as all accesses are interconnected.
There is more than 3 TB of data associated with the sector on the main access. A huge amount of CPF, RG, Passport,tax documents and other personal data. The sale includes multiple employee working accesses. Access to databases and so on VPN login details + Credentials + some extra rdp connections to
All information is exclusive and can be of great value especially before the upcoming elections.
It also includes a company access that serves more than 5.5 million people.
This leak could probably have been prevented if gov.br had some kind of cybersecurity staff watching the Dark Web and hacker forums, plus only allowed for text based emails, with no clickable links.
I wrote an article 27/08/22 where a hacker "invisible" was selling "WebShell Access" to gov.br and gob.mx on a hacker forum for $150 USD.
It would not be surprising if they purchased this access from the hacker or an insider.
First published 2022-10-14.