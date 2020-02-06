Experts Insight On Brazilian Firm Exposes Personal Details Of Thousands Of Soccer Fans

It has been reported that tens of thousands of Brazilian soccer fans have been exposed as a publicly-accessible cloud storage bucket leaked several gigabytes of data with sensitive information stretching back several years. The leaky S3 bucket, investigated exclusively by ZDNet in partnership with Brazilian cybersecurity news website The Hack, was owned by Futebol Card, an online ticketing company that also provides member and loyalty program management systems to a number of major soccer clubs. Personal data belonging to supporters of a number of Brazilian organizations was involved in the incident, but the vast majority of the individuals exposed are fans of São Paulo-based soccer team Palmeiras, one of the country’s most popular and successful Brazilian clubs, with around 18 million supporters nationwide.

EXPERTS COMMENTS
Jonathan Knudsen, Senior Security Strategist ,  Synopsys
February 06, 2020
Cybersecurity doesn’t have to be overly complicated. Relatively simple steps can result in a big reduction in risk for your organisation.
For anyone wondering “where do I start with cybersecurity,” this story of yet another unprotected cloud storage bucket is a cautionary tale. A very simple first step would be to make a policy that requires authentication for any Internet-facing systems. Enforcing this policy would have prevented the Futebol Card leak. Incremental changes to this policy would allow you to drive down your risk i ....
Tim Mackey, Principal Security Strategist,  Synopsys CyRC
February 06, 2020
With LGDP now effective law in Brazil, the fines could extend to 50 million real.
Cloud storage solutions are convenient and cost effective, but are increasingly in the news for being misconfigured. It’s vital to remember that every implementation of Amazon cloud services need to be handled by experts who understand how to configure S3 buckets securely. This is especially true when personal details, willingly shared by supporters, and other pieces of sensitive data like conta ....
