Huge theft reportedly sees 2TB of private data stolen - police files hit in major breach

News
By published

Third-party attack claims the data of the Brazilian military police

Red padlock open on electric circuits network dark red background
(Image credit: Shutterstock/Chor muang)
  • Maida.health allegedly leaks 2.3TB of Brazilian military police medical and personal data
  • Cybercriminals advertised stolen records including diagnostics, ID cards, and healthcare contracts online
  • Healthcare remains a top target due to sensitive data and risk of identity theft or fraud

Maida.health, a Brazilian health technology company, allegedly suffered a data breach in which it lost more than 2TB of data concerning the country’s military police.

A threat actor recently posted a new thread on an underground forum advertising 2.3 terabytes of data sourced from maida.health, including the health records of Brazilian military police, identification cards and other details, as well as medical reports.

“This data includes all medical services and management of healthcare contracts in the Brazilian health system, particularly the Brazilian military police,” the post reads. “It specifically covers diagnostic and treatment services such as cardiology, neurology, gynecology, and more, including patient details, identification cards, and medical records for both personnel and their families.”

Identity theft and medical fraud

So far, there has been no confirmation on the authenticity of the claims. The attacker posted a sample that is yet to be analyzed by security researchers, which allegedly includes invoices for medical care, administrative protocols, regulatory certificates, and clinical patient data.

In its writeup, Cybernews explained how the data might be abused: “When this kind of data is leaked, it could often lead to identity theft or medical fraud. For example, criminals may try to impersonate the victim to receive medical care or try to get prescription drugs in the victim's name,” the researchers said.

This is not the first time the citizens of Brazil had their sensitive data leaked. In fact, at one point in early 2024, the entire Brazilian population was potentially put at risk, when researchers found an unprotected database that held personal information on approximately 223 million Brazilians.

Given that by 2021 data, Brazil has 214 million people, it could be that information on the entire population of Brazil was contained in that database.

Due to the sensitivity of the information generated, the healthcare industry is widely considered as among the most targeted ones.

Via Cybernews

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.