The year 2021 broke records for data breaches in companies . It was the highest number of digital privacy violations in Brazilian history. This significant number of data breaches is a clear sign that the worst is yet to come .
Among the possible analyses regarding the record-breaking data privacy breach, two are particularly alarming: the growth in the number of cyber threats and the increased risk of data leaks in companies starting in 2022 .
The year began with a monstrous leak: 223 million CPF numbers (Brazilian taxpayer identification numbers) were put up for sale on the deep web .
To attract buyers, some of this data was exposed on various websites. The security incident – which even included personal data of deceased individuals – was announced by dfndr lab (a cybersecurity specialist laboratory) on January 19, 2021.
This was just the beginning. At least two other major incidents exposed the personal, sensitive data and social records of Brazilians. In addition to the 223 million CPF , we have 270 million records from Dataprev and another 100 million cell phone numbers .
What to do to avoid problems and losses
Even though they don't always originate from hackers and malicious attacks , cybersecurity threats to companies nevertheless always cause significant disruption and losses .
Although the human factor is a key element , it is the companies that are held responsible for data breaches .
A common circumstance – far more so than advisable – occurs when companies fail to invest in managing and controlling internet access .
Therefore, it is the responsibility of companies to handle personal data in their custody in accordance with the LGPD (Brazilian General Data Protection Law) and with the rules and guidelines of the ANPD (National ).
Therefore, in addition to technological solutions and information security systems , they should also invest in raising awareness and training employees .
Data leak affecting ALL Brazilians
Learn more about the data breach that "exposed the personal data of all Brazilians ." In the video, it's easier to see that this massive data breach will continue to generate a lot of discussion and headaches.
He confirms the information and warnings about data leaks in companies in our most recent articles:
- Data breaches are a sure loss for companies
- Data breaches in companies: the human factor is a key element.
- How to identify data leaks in your company
- Data breach at the company! What to do?
- Dos and Don'ts for Employee Data Leakage
The video "Data Leak of ALL Brazilians: How did the hackers get it? What to do?" (17:10), from the Veslasoft Filipe Alves who holds a Master's degree in Computer Science .
Data breach in the company: understand the size of the problem
The leak of personal data from 223 million Brazilians will lead to an exponential increase in the number of cyber frauds in Brazil .
Digital security experts believe the effects of this event will be felt for a long time. What makes them consider the situation very worrying is the extent and variety of information exposed .
See the list of data exposed and put up for sale on more than 223 million Brazilians , 40 million Brazilian companies , and 104 million vehicles :
- CPF
- Name
- Sex
- Date of birth
- Marital status
- Addresses
- Phone numbers
- Family relationships
- Vehicle data (license plate, chassis number, fuel type)
- Information on over 40 million CNPJs (company name, trade name, and date of incorporation).
- Details about income tax returns
- Face photos
- INSS Benefits
- Information from public servant records
- Education
- LinkedIn registrations
- Financial data (credit score, bounced checks, and income, among others).
In the case of the personal data breach, 37 types of sensitive information were exposed .
In the case of companies, in addition to the CNPJ (Brazilian tax ID), company name, trade name, and founding date (which are disclosed for free), hackers sell 17 categories of data .
Ultimately, to make the seriousness of the situation perfectly clear, the various possible data cross-referencing options expand the reach of cybercriminals .
This means that, starting in 2022 and continuing in the coming years, the risks and threats to the internet will be dozens of times greater .
Therefore, a warning is in order: pay maximum attention to the security of personal data and to the management and control of internet access in companies .
Massive data breach: just the beginning of the problem
A year later, this data breach remains unresolved, and the data continues to be sold . This is according to an article published in 2022 on the Tecnoblog .
Among other things, it is not surprising that the volume and type of leaked information have inflated the "hacker market" .
"Cybercriminals are willing to pay, even if it's a high price, to acquire sensitive and personal data. This allows them to better identify their victims and carry out more sophisticated scams."
This is one of the most alarming and warning parts of the article . Without a doubt, it's a clear alert for business owners, IT professionals, and managers of companies of all sizes.
data security issues :
- Ransomware attacks pose an even greater threat. Leaked information allows criminal groups to infiltrate corporate systems more easily. "The possibilities are endless when you have a person's life or a company's history directly on your computer screen."
- Data breaches in companies are set to increase. This is primarily because personal data on employees is now readily available. That is, through social engineering techniques, scams, and online fraud, it becomes even easier for cybercriminals to compromise company security through their employees. "It is likely that there will be more breaches aimed at blackmail and public shaming – where sensitive information is exposed to damage the reputation of a target."
The largest data breach in Brazilian history is still ongoing. This indicates that the risks and threats to data security in companies are likely to intensify.
If you want to access the full article, click here .
Understand this: preventing data leaks in the company is the best solution
Above all, the message is that companies must invest in prevention against cyberattacks and security incidents .
Even more so now, with the information available, the trend is for cyberattacks to become more sophisticated, individualized, and frequent .
Therefore, the best and most efficient way to minimize cyber risks and threats and comply with the General Data Protection Law (LGPD) is to invest in solutions to prevent information security incidents .
As a result, only benefits and advantages: avoiding financial losses and, above all, safeguarding your company's image and reputation .
Since employees are the main gateway for cyberattacks , it is urgent that companies structure and implement data security policies and internet access management and control.
Just as important as investing in information security solutions, technologies, and systems is training and empowering employees .
Preventing data leaks in your company is possible, accessible, and simple. Just adopt preventative measures against cyberattacks and security incidents .
Prevention and information are key words against security incidents
Learning about and staying informed about data breaches in order to act preventively helps reduce damage, avoid losses , and preserve your company's reputation .
Managing and controlling internet access doesn't have to be difficult or complex. Investing in solutions to prevent information security incidents is the most accessible and intelligent strategy.
It is essential to act in accordance with the law ( LGPD ) to guarantee privacy rights and preserve the security of personal data of users/consumers/citizens .
In practice, in addition to prevention , the best solutions on the market productivity and profitability indicators . Just do your research and compare.
Subscribe to our newsletter and receive more news and materials.
