Cyber Crime
Personal and Covid Vaccination Data of 820,000 Dominicans Leaked Online: Resecurity
– Massive data breach exposes personal and health information of 820,000 Dominicans.
– Sensitive data leaked includes ID numbers, names, and COVID vaccination records.
The personal information of approximately 820,000 citizens of the Dominican Republic has been leaked on the Dark Web. This data breach, executed by a cybercriminal group identified as CiberInteligenciaSV, included sensitive details such as individuals’ COVID vaccination status. The US-based cybersecurity firm Resecurity revealed this breach, which was posted on the well-known Breach Forums.
ALSO READ: Join the Movement: Future Crime Research Foundation Launches State Chapters to Build a Cyber-Safe India
CLICK THIS LINK TO BECOME DOMAIN LEAD
What Information Was Leaked?
The leaked data set includes several key pieces of personally identifiable information (PII), crucial for the privacy and security of any individual:
- ID card numbers
- Full names
- Sex
- Municipality
- Date of birth
Threat actor ‘CiberInteligenciaSV,’ known for targeting Latin American data, recently dumped sensitive information from the Dominican Republic on Breach Forums.
Detailed vaccination data (including the total number of doses administered, vaccination dates, types of vaccines, and the clinics where vaccinations were given)
Such comprehensive personal information can be highly detrimental in the wrong hands, offering avenues for multiple forms of identity theft and fraud.
READ THE FULL REPORT HERE: Leak Of Dominican COVID Vaccination Data On The Dark Web Is Enticing For Cybercriminals And Nation-State Actors
Source and Accuracy Concerns
According to researchers at Resecurity, the source of the hacking incident remains uncertain. However, discussions on Breach Forums by a user named “CTF” suggested possible overlaps with a previous data breach involving Caribe Tours, a prominent tourism company based in the Dominican Republic. This earlier breach was attributed to Kelvin Security, a notorious hacking group linked to numerous high-level cyberattacks globally.
Further complicating the situation are concerns about the data’s accuracy. The Breach Forums user “CTF” noted discrepancies when cross-referencing the leaked ID card numbers with official records from a Dominican government portal, finding mismatches in the associated names.
Implications of the Breach
The exposure of vaccination data is particularly alarming. Health information is considered highly sensitive and can be exploited in various harmful ways.
Cybercriminals can use this data to craft targeted phishing attacks, commit insurance fraud, or sell the information to third parties such as advertisers or unscrupulous employers.
Furthermore, nation-state actors might exploit this data to gain insights into the country’s healthcare infrastructure and pandemic response, which could be used for espionage and planning potential disruptions.
Regional Cybersecurity Concerns
This breach highlights the broader cybersecurity challenges facing Latin America. The region has experienced a sharp increase in internet connectivity and smartphone usage, which, while beneficial in many ways, also raises significant security concerns.
A report by Reuters last year highlighted that cyberattacks in Latin America have soared to an “all-time high,” with the region also recording the highest percentage of unprotected data worldwide in 2022.
The Value of Health Data
The breach also underscores cybercriminals’ heightened focus on health data. According to HIPPA Journal, a trade publication, medical records are particularly valuable because their theft is often harder to detect compared to other types of personal data. This allows for prolonged misuse of the stolen data to commit various frauds, including identity theft and illegal acquisition of medical services.
Preventative Measures and Cybersecurity Hygiene
In light of these challenges, it is essential for organizations and individuals in the Dominican Republic and across Latin America to take proactive steps to safeguard their digital information.
Enhancing digital hygiene and utilizing comprehensive cyber-threat intelligence (CTI) tools can help mitigate the risks associated with such data breaches. These tools enable users to monitor their information on the Dark Web and take swift action if their data is compromised.
Resecurity, the firm that reported the breach, offers solutions tailored to help both businesses and individual consumers in Latin America protect their digital identities and navigate the complexities of today’s cybersecurity landscape.
The leak of such a vast amount of personal and health-related information is a critical reminder of the ongoing cyber threats in the digital age. As cybercriminals continue to target sensitive data, it is crucial for all digital users to fortify their defenses and remain vigilant against potential cyber threats. The efforts to enhance cybersecurity measures will not only protect individuals but also contribute to the overall security of the region’s digital infrastructure.