[ad_1]
It is no secret that our ID numbers, mainly the RG and the CPF, have been on the market for years, either legally or illegally. But the discovery of the InfoArmor team makes this reality very scary. According to the digital security company, 120 million CPF were badigned to an Internet data server
. The discovery took place in March, but the company reported the case only Tuesday (11). InfoArmor discovered an open server during one of its usual Internet scans for detecting compromised computers, creating reputation IP addresses, and threat agents.
The company discovered that one person had renamed the server's "Index.html" file. "index.html_bkp", revealing the contents of the directory to anyone knowing the name of the file or browsing it would have unlimited access to all the folders and files it contains, as shown below.
The data displayed on the server also contained other sensitive information about the Brazilians related to each exposed FPC, such as bank history, debit and credit, as well as personal data such as the full name,
"It is very likely that sophisticated opponents have collected this information." It took more than a year for stolen data of Yahoo are put on sale on the dark Web and that so much data is provided to him unique because those available on the server are probably among the most exchanged data on the dark Web ", says Christian Lees, head of Information security at InfoArm. or
"Two simple security measures could have prevented this: do not rename the main file index.html and do not prohibit access via the .htaccess configuration."
In the days that Following the initial discovery, InfoArmor attempted to determine who was the owner of the server to warn of the failure, with attempts to send email messages recognized as such. After a series of changes to the content, it was not until mid-April that all data was protected from access to foreigners.
InfoArmor did not discover the people or companies responsible for the failure.
"What was originally misconfigured to be accessible by IP address was reconfigured into a functional site with an authenticated domain" alibabaconsultas.com "which was redirected to its login panel [onde é requerido senha] Although InfoArmor can not be sure that alibabaconsultas.com is responsible for the leak, it seems that they have been involved in one way or the other. another, probably in the service function of accommodation, "said the expert.
InfoArmor nonetheless compared the leakage defect with the data of 143 million Americans in 2017, when hackers invaded Equifax's credit management system . "Unfortunately, it's not uncommon for us to regularly find data leaked into insecure environments – with the mad rush to share leased cloud services, we're seeing a tremendous amount of potentially disclosed data potentially 10 times larger than the average." "Real threat agent activity," says Christian Lees.
Source link
