Brazil’s health portals hit by hackers

10 Dec, 2021 19:22

Websites belonging to Brazil’s health ministry have been taken down by a ransomware attack that also hit systems holding details about the country’s immunization program and a portal used to issue digital vaccination certificates

In a statement, the Ministry of Health (MoH) noted that an “incident” in the “early hours of Friday” had “temporarily compromised” some systems, and added that the Federal Police and national security agencies were investigating. The ministry confirmed that the systems were still unavailable.

Health Minister Marcelo Queiroga told reporters that no data would be lost, insisting that the MoH still holds all the information that was taken, copied and deleted during the hack. He added that those responsible for the criminal act would be “exemplarily punished.”

According to a message posted on the website by the ‘Lapsus$ Group,’ which claimed responsibility for the attack but did not offer a motive, around 50TB of data had been extracted from MoH systems. The since-removed ransom note told authorities to “contact us if you want the data returned,” and included an email address and other purported contact details for the group.

Among the data thought to be taken is user information on the ConectSUS platform, which is an app that stores vaccination details and other sensitive health information belonging to Brazilians. Lack of access to this portal meant Covid-19 vaccination certificates could not be issued.

The attack has forced the Bolsonaro government to push back plans to implement new public health requirements for travelers to the country. The new rules were slated to begin from Saturday, but the government confirmed that these will be postponed by a week since vaccination data was not accessible online.

However, Covid-19 tracing forms to be completed on arrival by airline passengers were still available on the website of national health regulator Anvisa, which was not targeted in the attack.