The Central Bank reported last Friday that it had recorded the leakage of Pix keys under the responsibility of the Abastece Aí program, which belongs to the Ipiranga service station network. The BC clarified that the leakage was of a registration nature and not of sensitive data, such as passwords and balances.
Contributing to the article in the newspaper O Globo, our partner Cecilia Choeri highlighted that the fact that the exposed data is registered does not diminish the importance of the leakage, since the information may still be used by scammers. She also pointed out that the company may be subject to LGPD-related sanctions: “I imagine that the company must be providing all the information required by the ANPD, which will certainly want to know more in order to determine if there was a violation of the law in any way. It is important that they have done a good homework in order to comply with the General Data Protection Law (LGPD) and, in addition, that they have also surrounded themselves and adopted technical security measures to prevent this type of thing from happening”.
Read the full article on the link: