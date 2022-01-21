The Central Bank reported this Friday (21) that there was a leak of data of a “registration nature” related to the PIX of customers of the financial institution Acesso Soluções de Pagamento.

According to the BC, this leak occurred due to “sporadic failures in systems” of the company.

The BC reported that the total number of keys potentially exposed is 160,147, which corresponds to 159,603 individuals. This is because a person can have more than one registered PIX key.

This is the second incident of PIX-related information leaks revealed by BC. In September last year, the institution reported the leak of PIX keys that were under the custody and responsibility of the Bank of the State of Sergipe (Banese).

“No sensitive data, such as passwords, information on transactions or financial balances in transactional accounts, or any other information under bank secrecy were exposed. other financial information,” he added.

According to the Central Bank, people who had their registration data leaked will be notified “exclusively through the application or through the internet banking of their relationship institution”.

“Neither the BC nor the participating institutions will use any other means of communication to affected users, such as messaging apps, phone calls, SMS or email”, he informed.

In addition, the BC informed that “necessary actions were taken for the detailed investigation of the case and will apply the sanctioning measures provided for in the current regulation”.

The institution clarified that, among the applicable penalties, are fines or “disqualification to act as an administrator and to hold a position in a body provided for in the statute.”

Also according to the BC, the exposed information can be used to apply social engineering scams, such as, for example, the scammer trying to persuade the victim that he is a bank employee to try to obtain the user’s password credentials.

Thus, it added that account holders with leaked information should remain alert and:

always be suspicious of SMS or in-app messages sent by unknown numbers and never click on links sent by such numbers;

pay extra attention when receiving calls from people impersonating Banks and never provide personal information, codes received via SMS or bank passwords, nor authorize remote access to the application or internet banking;

beware of fake emails and pages that try to impersonate any financial institution;

never use passwords that are easy to guess.