[ad_1]
The leak of passwords for electronic systems of the Ministry of Health exposed the personal data of 16 million Brazilians who underwent tests for covid-19.
Personal data such as CPF, address, telephone number and pre-existing diseases were disclosed. The information was published by the newspaper The State of S. Paulo this Thursday (Nov. 26, 2020).
Among the people who had the exposed data are the heads of the Executive and Legislative, ministers of the federal government and 17 governors. Here are some of them:
- Jair Bolsonaro, President of the Republic;
- Eduardo Pazuello, Minister of Health;
- Onyx Lorenzoni, Minister of Citizenship;
- Damares Alves, Minister of Women, Family and Human Rights;
- João Doria (PSDB), Governor of São Paulo;
- Rodrigo Maia (DEM-RJ), Mayor;
- Davi Alcolumbre (DEM-AP), president of the Senate.
The exposure of the information was not caused by an attack by hackers, but by an action by Wagner Santos, an employee of the Albert Einstein Hospital who had free access to the databases of the Ministry of Health. He worked on a partnership project with the portfolio and was based at the ministry headquarters.
Santos published on his personal profile on the GitHub platform, on October 28, a list of users and passwords that gave access to databases of people tested, diagnosed and hospitalized for covid-19 in Brazil.
The databases provided, in addition to personal information, details about the patients’ medical history. The people whose data was leaked were examined in public and private health facilities, since the notification of suspected or confirmed cases of covid-19 is mandatory for all hospital units.
To the newspaper The state of São PauloThe Albert Einstein Hospital and the Ministry of Health said that the passwords were exchanged in the systems and that the hospital will open an internal investigation to determine the responsibilities.
The hospital stated that “1 employee would have archived access information to certain systems without adequate protection”. The hospital says it has contacted the Ministry of Health to “Measures were taken to ensure the protection of said information”.
According to the Ministry of Health, the Albert Einstein Hospital confirmed that there was a human error, not a system failure. The agency said it is conducting “Tracking potential sites or cyberspaces where the data may have been replicated”.
Official Wagner Santos said that he posted the password spreadsheet on his profile on the GitHub platform to test the implementation of a model, but forgot to remove the file from the public page.
keep reading
[ad_2]
