© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Hackers stole 3TB of sensitive data from the Brazilian government


Everest ransomware group claims the stolen data includes passports, fingerprints, tax documents, and more.

Threat actors added the Government of Brazil to their leak site, claiming they got their hands on the access of gov.br network, a government services website. The website’s owner is Brazil’s federal government.

According to the message on Everest Group’s leak site, threat actors have stolen over 3TB of data. The dataset is said to include passports, CPF and RG numbers, tax documents, and other personal data.

CPF or Cadastro de Pessoas Físicas (Natural Persons Register) is an 11-digit tax number given to all residents of Brazil. RG or Registro Geral (General Registry) is the official identity document in Brazil.

Hackers stole 3Tb of sensitive data from the Brazilian government
Note on the leak site. Image by Cybernews.

The documents and databases associated with them contain names, surnames, addresses, dates of birth, and other sensitive information citizens need to provide to obtain federally recognized documents.

Threat actors included screenshots of Brazilian passports. However, the leak is not confirmed. Cybernews reached out to the government of Brazil, but we did not receive a reply before publishing this article.

Everest Group ransomware has been active since 2018 and has attacked the Brazilian government before. Last year cybercriminals attacked the National Treasury of Brazil.

Last year the Russian-speaking group was spotted for its ‘innovations’ on the double-extortion front. The group has been observed to sell access to the networks they’ve breached, additionally monetizing the hack.

Deep Web intelligence analysts at DarkFeed spotted that Everest was selling 3TB of data from the government of Brazil at the start of the month. However, at the time, the type of data the cybercriminals acquired was unclear.

That’s another tactic employed by Everest and other ransomware groups. Culprits sometimes avoid describing the victim or the stolen data, so the victim would pay the ransom under the threat of appearing on the group’s leak site.


More from Cybernews:

Cyberwar against Russia is creating a risky legal precedent, says expert

Access data for half of top 20 US firms for sale on dark web, report finds

Kim Kardashian and Scott Disick sued over alleged Instagram scam

Hacker spent four days inside the LastPass development environment

Revolut breach: personal and banking data exposed

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are marked