Photos from 13 thousand documents as IDs, CPFs and CNHs, in addition to data from 227 million Brazilians, were offered for sale in a forum by two cybercriminals. According to the cybersecurity company Syhunt, in a report sent to TechWorld, only the sample has data on more than 2.5 million people.
According to the security company, two posts made in a well-known forum — recently the scene of the latest “discoveries” in cybercrime — by users “YZK” and “Sr_Siriguejo” put two distinct leaks up for sale:
Sample, also known as sample, is a piece of the leak made available to prove the veracity of the document
- The first involves the photos from 13 thousand documents such as RG, CPG and CNH, as well as an undisclosed number of credit cards
- The second user offers 1.2 GB of data, “including the names of the mothers of 227 million Brazilians, in addition to leaking the name of the mothers of 2 and a half million Brazilians as a free sample,” says Syhunt
- The company’s report was published online and can be viewed here
Leaked documents and censored images
Where did this data come from?
Of the 13,000 photos of RGs, CPFs and CNHs, it is not yet possible to specify a date that indicates when this information was obtained, says Syhunt. However, analyzing the images, it is possible to see that they are probably about some type of authentication. In other words: these documents were in the database of some application that required photo with document for initial registration.
Some application, unfortunately, is vague. But services that require a photo with a document for registration are usually banking — or issuing digital certificates and remote validations. Even so, it is still not possible to specify the location of the leak.
The sale of the documents was set at US$300, around R$1,534 at the current currency rate.
And the 227 million Brazilians?
According to Syhunt, the cybercriminal responsible for trying to sell the data of 227 million people leaked “the names of the mothers of 2.5 million Brazilians as a free sample.”
The free disclosure of mothers’ names already serves as a treat for scammers
According to the cybercriminal’s publication, the data were obtained from a DETRAN/DF server and have the maximum date of 2019. The information gathers the CPF number, full name, date of birth, mother’s name, sex, whether he would be alive or not and full home address. The complete base totals 37.7 GB.
Syhunt, however, claims that this information had probably already been put up for sale in “previous megaleaks,” but that this would be the first time that mothers’ names have been compiled as a free sample. As the company recalls, the “mother’s name” is very valuable: it is often requested in stages of validation of online services, information that could make the job of a cybercriminal easier.
Captured by Syhunt
How can I protect myself?
With all the leaks and recent compilations, we can assume that our data is probably circulating the internet. That’s why it’s important that you take care of your digital health with a few steps:
- Always enable 2FA (second authentication factor) in apps and services; if possible, use a third party application for this (Microsoft Authenticator, Google Authenticator etc)
- Do not click on unknown links received on WhatsApp, email and social networks
- Do not make payments of any kind after contacting online: always call the person to confirm
- Do not accept bank charges via phone or email: be proactive and contact your bank if you have any questions
- Have an antivirus installed on PC and mobile
How to report to TecMundo
You can make complaints through the channels: