Hackers calling themselves Lapsus$ Group claim to have stolen 50TB of data, including COVID-19 vaccination certificates, from networks operated by Brazil’s Ministry of Health.
The attack was revealed on Dec. 10 when the Ministry of Health website’s homepage was replaced by an image from Lapsus$ Group claiming the ministry would have to contact the hackers to restore the data the group had stolen, copied, and deleted from its networks.
ZDNet reports that Lapsus$ Group targeted the ConecteSUS app Brazilians can use to “view their clinical history,” per a translated version of the app’s website, including “vaccines applied, COVID-19 laboratory tests performed, hospitalizations, medicines dispensed,” and other data.
Deputy Health Minister Rodrigo Cruz confirmed that the ministry was trying to restore its network, Reuters reports, and couldn’t access COVID-19 vaccine data. The Ministry of Health’s website as well as the ConecteSUS web app both remain unavailable at time of writing.
But the ministry tweeted on Dec. 12 that “the process for recovering the records of Brazilians vaccinated against Covid-19 has been completed, with no loss of information,” and said “all data was successfully retrieved.” So far it hasn’t shared details about how the data was recovered.
“At the moment,” the Ministry of Health said in a followup tweet, “the department is working to re-establish the systems for registering and issuing vaccination certificates as quickly as possible.”
Still, temporarily losing access to this data led Brazil to delay a policy that would have required unvaccinated travelers to be tested for COVID-19 and quarantined for five days after entering the country. That policy was supposed to go into effect on Dec. 11; it’s been delayed until Dec. 18.
