Millions of Brazilian citizens including the President, ministers, and Provincial Governors have had their health details leaked. The leak originated after an employee at a hospital uploaded a spreadsheet to GitHub. The spreadsheet contained details such as names, addresses, ID information, and other healthcare records such as medical history and regimes. A GitHub user noticed the spreadsheet and later contacted reporters at a Brazilian newspaper.
COVID-19 information, along with any other patient medical records, continues to be highly sought-after by threat actors. In this case, the data was not stolen but uploaded by employee error. It is unknown at this time how long the data was available on GitHub. It is common for sensitive data to be accidentally uploaded to GitHub by employees without them knowing. Part of the service offering at Binary Defense’s Counterintelligence teams includes monitoring on platforms such as GitHub to find leaked data and get it removed quickly.
More can be read here: https://www.zdnet.com/article/personal-data-of-16-million-brazilian-covid-19-patients-exposed-online/