Bradesco, one of Brazil’s biggest private banks, informed investors that it detected an “unauthorized display” of data related to the car-loan contracts of 53,000 customers.
The bank said the issue was confined to one of its subsidiaries and claims to have taken all security measures in reaction to the incident. “We emphasize that the characteristic of the data eventually viewed does not jeopardize the integrity of access to transactional systems of these customers with Bradesco Financiamentos,” the institution pointed out in a statement.
Bradesco has not shared much detail on what happened. Per the bank’s security filing, criminals exploited a vulnerability on its website to gain access to the contract data. The customers in question are not Bradesco account holders, meaning that no passwords were exposed and there is no risk of unauthorized transactions happening.
The biggest risk is that fraudsters could use this data to carry out social engineering scams.
Search
