A data breach has occurred, exposing the personally identifiable information (PII) of 820,000 individuals from the Dominican Republic along with their COVID-19 vaccination statuses. This data has been leaked on Breach Forums, a notorious cybercrime and hacker forum.
This leak is critical because of the sensitive nature of the data exposed, including records from biotech giants Pfizer and SINOVAC BIOTECH LTD, creating a goldmine for cybercriminals and nation-state actors.
Source of the Leak
According to Resecurity’s Cyber Threat Intelligence team, the data was uploaded to Breach Forums by ‘CiberInteligenciaSV,’ a strategy consistent with many high-profile Latin American (LATAM) data breaches.
The possible actor behind the breach was tracked after a Breach Forums member, “CTF,” noted overlaps with the leaked caribetours.com.do database. Caribe Tours, a Dominican tourism company, was hacked by Kelvin Security in April 2022. The group, involved in over 300 cyberattacks since 2020, has targeted strategic industries in over 90 countries. Spanish authorities arrested its alleged leader in December 2023.
While CiberInteligenciaSV’s source for the Dominican data is unclear, CTF has raised concerns about the accuracy of some of the leaked data, as users cross-referenced ID card numbers with official Dominican government portals and saw different names associated with them.
Why is this Leak a Big Deal?
The data dump contains key PII fields such as ID card number, name, gender, municipality, birth date, and vaccination data. The leak exposes the total doses, clinic location, vaccination date, and vaccine type administered to the patient.
Stolen personal information can be used for identity theft, targeted scams, and social engineering. Scammers can create fake IDs, open fraudulent bank accounts, or make unauthorized purchases. They can also launch convincing phishing attacks, claiming rewards for vaccination or manipulating public opinion, targeting unvaccinated individuals with misinformation.
“Alternately, threat actors could also look to sell this data to third parties seeking health-related personal information, including advertisers and employers,” Resecurity researchers explained.
The LATAM region is urged to improve digital hygiene and take precautions against cyber risks. The Dominican government must investigate this data breach, notify affected individuals, and strengthen data security to prevent future attacks. This includes identifying the source, providing clear guidance on self-protection, and investing in robust encryption, access controls, and security awareness training for government employees.