While the entire world is trying its best to contain the spike of the new Omicron COVID-19 variant, some hackers have targeted the database registered with the Brazil Health Ministry halting the process of vaccinating the public and stealing vital vaccination data since December 12th, 2021.
Interestingly, the attack is the second in just a week, giving the officials a hard time to recover the data and bring back the vaccination services to normalcy.
Sources reporting to Cybersecurity Insiders state that the file encrypting malware attack was launched by a little-known hacking group dubbed Lapsus$ that has also brought digital inoculation certificates to a big halt- giving jitters to air- travelers who were excited to meet their loved ones for the Christmas 2021.
Lapsus$ is reportedly demanding a hefty sum from the Brazil Health Ministry Systems and, if denied, is threatening to release the 4TB stolen data onto the dark web.
Prima facie, launched by the Brazilian Government, found that the information was stolen from a storage bucket dedicated to the Brazilian Health Ministry and hosted on Amazon Web Services (AWS). And the threat actors might have possibly accessed the information by first infiltrating SisReg, the Brazilian Ministry’s web system that controls the entire data storage and access procedure of the national health system.
Even the ConecteSUS app that is used by the populace to keep a track of their medical records and COVID-19 vaccination records has been pulled down as a precautionary measure.