Leak exposes personal data for millions of Brazilian COVID-19 patients

The spreadsheet was pulled from GitHub as officials changed login details and revoked keys to prevent intruders from accessing the data. It’s not clear how many unauthorized people accessed the information.

An exposure like this could easily be dangerous. Patients face the risk of fraud and identity theft. It could be particularly problematic for hospitalized people who might not even have an opportunity to respond to any theft. Criminals could effectively take advantage of patients at their most vulnerable.

It’s also a reminder that healthcare info security doesn’t just involve protecting against hacks. It also involves ensuring that staff handle data responsibly. It only takes one mistake or rogue employee to leak massive amounts of sensitive information, and Brazil is discovering the consequences of these oversights first-hand.