Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Brazil: Central Bank and Banese confirm data leakage of 395,097 PIX payment keys

The Central Bank of Brazil ('BACEN') and the Bank of the State of Sergipe S.A. ('Banese') confirmed, on 30 September 2021, a data leakage of electronic payment keys ('PIX') by Banese. In particular, Banese reported that it had detected that 395,097 clients' personal electronic payment keys were leaked. Initially, Banese noted that the event did not affect the confidentiality of passwords, transaction history, and other financial information of its customers. However, the Banese also stated that the data, such as names, social security numbers, names of the bank where the key is registered, bank branches, bank account numbers, and other technical data used for anti-fraud control purposes, was leaked. In addition, the Banese confirmed that sensitive data, such as passwords, transaction information, and balances were not affected.  

Furthermore, the Banese informed that it had been working with the BACEN in the investigation and communication of the facts, and had adopted containment actions and technical measures, such as the revocation of access to the accounts used and the implementation of security mechanisms to prevent similar cases. Lastly, pursuant to applicable legislation, the Banese communicated the incident to the Brazilian data protection authority ('ANPD').  

You can read the official BACEN's press release here and the Banese official note here, both only available in Portuguese.