A survey on cybersecurity revealed that 16,000 credentials of employees of federal, state and municipal agencies were exposed on the internet. This means either that civil servants used their corporate login and password on websites that require some kind of registration and ended up having the data exposed, or that the data leaked directly from the public agency itself.

The survey, obtained exclusively by Tilt, is from Axur, a reference in monitoring, detection and removal of digital risks on the internet in Brazil. The report corresponds to the period from July to September 2021 and found that, in all, the country had 2.03 million data records exposed.

Despite the volume, the number represents a drop of 99.56% compared to the second quarter of 2021, when 465.5 million records were leaked.

In relation to the leakage of government credentials, the drop was 95.97%. In the second quarter, 160,478 passwords and logins were exposed. The report does not name the public bodies whose data was leaked, for “a matter of security and confidentiality”, but “they are all from natural persons who work in these places”.

For Eduardo Shultze, leader of threat intelligence at Axur, the report does not mean that the public agency is insecure.

“The problem is that people use corporate email accounts to register on multiple websites. For example, an employee goes to a shoe sales website and registers with his corporate email. If an attack or leak occurs against this site, this data will be leaked, not necessarily meaning that the agency has a weakness or was properly invaded”, he explained.

Regarding the credentials of employees of private companies, there was a 70% drop in leakage compared to the second quarter. Between July and September, 148,000 exposed credentials were registered.

All detections refer to surface, deep and dark web exposures.

“Many users use the same password across multiple networks, making it easier for criminals to access all their networks in case the password is leaked,” added Shultze.

CPF and credit cards at the top

Among the 2.03 million data records exposed, according to Axur, CPFs appear as the preferred target of cybercriminals, corresponding to 57%. Email addresses (968 thousand), CNPJs (480 thousand) and documents with photos (6,985) complete the list.

As for credit and debit cards, the report was able to identify the leak of 1,354,822 cards worldwide. Of the total, 1,309,003 (94.2%) were still within their expiration date at the time of detection.

The data placed Brazil first in the world ranking of credit and debit card leaks in the third quarter, as the country was responsible for 22.1% of all exposures of this data, which corresponded to 299 thousand. India (16.9%), the United States (11.1%), Mexico (7%), Australia (6.2%) and South Africa (5.1%) complete the “top 5”.

Who is subject to leaks and how do I know if I am a victim?

According to Eduardo Shultze, some data is traded and can be worth a lot of money, while other data is used as a strategy for public embarrassment of the company in order to damage the brand’s reputation.

The expert says that, nowadays, it is not very easy to escape from cybercriminals because “everyone who accesses the internet and has ever registered on a website is liable to have their data exposed”.

“All it takes is for the site to be hacked or to have an accidental exposure. It usually happens through some flaw that a hacker identifies and takes advantage of to invade and remove the data, but it can also happen through human error – someone leaving the database exposed, without protection, and then there is no need to invade, you can find it on the internet,” he says.

Shultze says that the ideal is prevention, such as “avoid registrations on any website, analyze where you are entering your data, check the permissions that an application asks for before authorizing, activate two-factor authentication, search for the brand’s original website instead of clicking on the first Google search link and not open links without checking”.

It is also possible to find out if your data has been exposed on this link. By email, it is possible to know what may have been leaked. And with Black Friday coming up, this site indicates whether or not it is trustworthy to enter any personal information.