PSafe's dfndr lab has discovered a database that may have exposed taxpayer ID numbers (CPF numbers) and other personal data on 220 million Brazilians. The exposed data also included confidential data on 40 million companies and 104 million vehicles in Brazil.
- Corporate information that was exposed includes tax ID number, corporate name, trade name, and date of incorporation.
- Last year, the Brazilian Ministry of Health exposed 243 million patient records in an unsecured COVID-19 database.
- Brazil's new data protection security law, which took effect last year, provides for a fine of up to R50M ($13M) for failure to report a data breach within 72 hours of discovery.