One of Brazil’s largest private banks is still investigating how data from around 53,000 customers has been leaked.

Banco Bradesco reported at the weekend that its subsidiary Bradesco Financiamentos detected an incident that may have allowed unauthorized access to client contract data.

The bank said in a statement to Reuters news agency that “all necessary measures have been taken to resolve the incident, as well as communication with customers and the competent authorities”.

The bank says that the potential leak did not jeopardize the integrity of access to customer transaction systems.

Brazilian newspapers and websites have tied the admission to a Banco Pan financial institution report that revealed a “vulnerability” in the technology provider’s platform, which is used in the card chip customer service center, which allowed customer information to be leaked.

This would allow, according to Banco Pan, the unauthorized copying of registration data, available limit and debt balance “without disclosing full card data, passwords or any data with direct financial risks to the customer and the bank”.

So far the number of clients that have been revealed has not been reported but 53,000 is the suggested number so far. The financial institution, according to its press office, has about 17 million active customers.

In February of this year, the Central Bank reported a leak of data of a “registration nature” relating to PIX to clients of the financial institution Logbank Soluções em Pagamentos S/A.

According to BC, the registration data associated with 2,112 PIX keys, which contains the username, CPF, relationship institution and account number, has been leaked.

Full story in Portuguese and the original statement from Banco Bradesco HERE

Return to the NEWS index for Security Journal Americas