The presence of passwords linked to government emails in known data leaks grew by 236% in the second quarter of 2021, according to a report by the digital security company Axur.
The survey shows that the e-mails ending “.gov.br” appeared 160,478 times in the databases identified between April and June. In the first quarter of 2021, the company encountered this type of credential 47,654 times.
- Data Leakage: Guide to Protect Yourself and Answer Questions
- WEBSTORIES: 5 safety tips for your digital life
According to Axur, the numbers may not equal the total amount of government emails exposed. That’s because an email can appear in more than one leaked database.
In addition, the report does not deal with incidents in government systems, but with private companies that store data from users who have accounts with “.gov.br” e-mails.
For the CEO of Axur, Fabio Ramos, even though the bases have no connection with government systems, exposing passwords used by public servants poses a security risk.
He points out that there may be an oversight by employees who use their work email and password in other services.
“You take a leaked database and see that there are people who use government e-mail with a password that is certainly the same one they use to access internal government systems,” says Ramos.
The presence of e-mails and passwords linked to public servants in data leaks can help cybercriminals trying to access government systems.
O G1 asked the Institutional Security Office (GSI), which owns the Federal Network for Cyber Incident Management, what the digital security guidelines are for public servants, but there was no feedback until the publication of this report.
According to Axur, the leaks can also affect companies. The report indicates that between April and June 2021, e-mails ending with “.com.br” appeared 444,329 times in the identified leaks.
The result represents a 263% growth over the first quarter, when passwords linked to this type of email appeared 122,356 times.
The number includes some personal emails created on services that use the ending “.com.br”. And, according to Axur, the number of Brazilian companies that had their e-mails exposed may be even higher, as some use addresses ending in “.com”, “.net”, among others.
Ramos explains that the exposure of emails and passwords in leaks ends up contributing to improper actions. He claims that cybercriminals can use the databases to look up credentials for a particular domain and test them on systems used by that target.
“This technique of detecting leaks and verifying that that password is the same one that the user uses on other systems and, thus, hacking into a company system or even the corporate email, and using this as an attack vector is the main technique of criminals today,” he points out.
The executive claims that the number and size of leaked databases have increased in recent years. For him, the current scenario is caused by a digital transformation, in which there are more services being offered over the internet.
“Companies are investing more in digital products, they are rushing to deliver products fast and many are failing and leaving data exposed,” he says.
Guidance for users is not to repeat passwords on more than one service. For this, the solution indicated by Axur is to adopt a password manager like the one offered by browsers.
For companies, failures in the processing of user data can lead to sanctions if the provisions of the General Data Protection Law (LGPD) are not complied with.
VIDEO: How does a data leak happen?