The Ministry of Justice and Public Security must replace the intelligence system widely used by police across the country to cross-reference data on people, companies and even vehicles.
According to an investigation by the Folha de S.Pauloaround 70 million CPFs were registered as authors of more than 213 million queries made through the Rio de Janeiro government account on the Cortex intelligence platform.
The new system, which should be implemented in the first half of 2026, is seen as an improvement on the previous platform, with automated audits, as well as greater transparency and traceability of queries carried out, which would reduce the security risks presented.
Continues after advertising
To close the breach in Cortex’s security, the ministry ordered the re-registration of bodies that have official access. The operation will take place between January 18th and 28th, during which the platform will be blocked. Only re-registered entities will receive new access credentials.
The platform was implemented in 2021, during the government of Jair Bolsonaro (PL). It should only be used by entities that have signed an agreement with the federal government to use the information.
The concentration of data on a single platform, shared with registered entities, is the target of questions about information security and compliance with the General Data Protection Law (LGPD), in addition to increasing the risks of leakage of sensitive data, such as personal information and even facial recognition records.
According to the newspaper, members of the ministry suspect that Cortex data was scraped by robots in queries made with access keys originally given to the Military Police of Rio de Janeiro. The department is still investigating illicit forms of access and the destination of scraped information.
O InfoMoney questioned the Ministry of Justice about the volume of leaked data and whether the bodies that own the access keys will also be investigated, but have not yet received a response.
