Leak left 243 million Brazilians’ medical records

It is conceivable that the personal data of at least 243 million Brazilians could be obtained within half a year because the source code of the Brazilian Ministry of Health website retains the poor coding certification (via ZDNet). This security vulnerability was first introduced in detail by the Brazilian publisher Estadão.

You can view the personal data of anyone who participates in the Brazilian public welfare framework SistemaÚnicode Saúde (SUS). This information includes the person’s full name, location, and phone number, with details about Estadão. The database also includes data on living and deceased persons, as according to World Bank data, Brazil has a population of more than 211 million in 2019, which is about 32 million fewer than available public records animesprout.

Estadão reported that the Ministry of Health website puts the encrypted access qualifications in a single dataset in the source code. Nevertheless, the login name and key are encrypted with Base64, a strategy that can be easily decrypted. Assuming you can use the console alternative or access it from the menu, and thus become obsolete in a site’s source code, then you can imagine anyone can find these confusing qualifiers, and if they’re smart enough you can decrypt it and access the Brazilian’s personal records.

Considering the personal data that is regularly recorded, happiness records can be very important in the underground market. It is very likely that an agitator knows this weakness and can imagine that he could use this information to achieve his own terrible goal or sell it later. As noted by Estadão, the Ministry of Health has adjusted the issue.