Hacker threatens to leak personal data from the city of Saquarema (RJ) | Antivirus and Security

Hacker attacks have been giving headaches around the world, and not even the small town of Saquarema (RJ), with about 90,000 inhabitants, has been spared this. A group of attackers threatens to disclose files obtained from the municipal system, including personal data of employees such as CPF, address, telephone, PIS / PASEP and even blood type.

Notebook (Image: Flickr / Visual Content)

What’s in the leak in Saquarema?

The attackers claim to have accessed city hall servers on February 16, 2021, extracting a total of 35 GB. “This includes personal information, financial and tax documents,” he says to the Tecnoblog the group responsible for the Avaddon ransomware.

On February 25, they gave the city of Saquarema a 10-day deadline to respond, which apparently has not yet happened – the page with the threat of leakage is still on the air on Thursday (4). The group is charging a sum of money for not exposing the data, without publicly revealing the value.

Avaddon charges for not leaking more data (Image: Reproduction)

Avaddon charges for not leaking more data (Image: Reproduction)

“We give 240 hours to contact and cooperate with us; if they don’t do it before that time, we intend to leak all of their important documents and files, including financial, tax and employee documents, ”says the notice posted on the Avaddon website on the dark web.

Hackers put a free sample on this site, which includes contracts, administrative decisions, slips and expense spreadsheets. The most worrying part is the registration form of an employee, which brings a series of personal data: full name, date of birth, CPF, RG, address, telephone, PIS / PASEP, voter title, position, capacity and blood type.

Excerpt of leaked document with employee data (Image: Reproduction)

Excerpt of leaked document with employee data (Image: Reproduction)

The Saquarema city hall has a transparency portal that has some data present in the leak – the discrimination of municipal expenditures, for example – but in a different format and with less details. There is a staffing area, but it is currently down; even if it worked, she certainly couldn’t reveal as much information from employees as that.

In a statement to the Tecnoblog, the municipality of Saquarema states that “it has adopted the necessary measures for the security and protection of the computerized system and the data contained therein”. She also says that “the fact was the subject of a police record and the investigations are in charge of the competent police authority”.

This positioning came through Messenger, through the official city hall account on Facebook. In the past seven days, we have also tried to contact you in other ways, without success: no one answered the phone, and the emails we sent came back because the inbox is full. We also sent a message to an employee of the Social Communication Department via LinkedIn, but we did not get a response. (The Avaddon website, in turn, has a contact form and responded to us in a few hours.)

Leak includes details on public spending in a different format from the transparency portal (Image: Reproduction)

Leak includes details on public spending in a different format from the transparency portal (Image: Reproduction)

LGPD also applies to public bodies

The LGPD (General Law for the Protection of Personal Data) establishes, in one of its first articles, that it can be applied “to any processing operation carried out by a natural person or by a legal person under public or private law”. That is, government agencies are also subject to sanctions in case of exposure of personal information.

The ANPD (National Data Protection Authority) is responsible for analyzing this type of incident and deciding on the punishment: public entities are subject to administrative warnings and sanctions, while companies can also be fined up to 2% on annual revenues, limited to R $ 50 million. These punishments can only be applied from August 2021.

Ransomware turned billionaire business

Avaddon is a ransomware, that is, a malicious program that encrypts all files on a hacked PC and charges a ransom to return access to the files. Since last year, he started to adopt the double extortion tactic: if the person does not want the files back – for having a backup – they threaten to leak everything on the internet, unless you make a payment (usually in bitcoin).

Ransomware has become a multi-billion dollar enterprise, according to a report by security company Group-IB: it detected more than 500 such attacks in 2020 alone, with an average value of $ 170,000 obtained by extortion. Avaddon is just one of several types: there is also Maze, Egregor, Conti, among others.

Updated at 4:20 pm with positioning of the city hall

Leave a Comment