Reinforcing that none of the three cases of data leakage of Pix keys already recorded exposed sensitive user data, the president of the Central Bank (BC), Roberto Campos Neto, admitted that similar incidents should continue to happen with some frequency. Still, he stressed that the BC will attack any and all leaks, in order to reduce the rate to the minimum possible.
“We understand that as the world of data is growing exponentially, leaks are going to occur with some frequency. Not wanting to trivialize the leaks because we are going to attack everyone so that they are as few as possible. But it’s important to understand that the leaks they have are not that relevant in the sense that they’re not that sensitive data,” he said on Friday (11).
According to the BC, in the three cases registered so far, the data leak involved only registration data, such as name, CPF, telephone number and banking institution. “No one has suffered any kind of damage from these leaks,” added the head of the monetary authority.
Also according to Campos Neto, the instant payments system launched in November 2020 should gain new tools soon. “We will soon announce a big schedule with a big group of Pix features, with the international part and going to a level more than 5G/smart content. This is part of the new agenda,” he said if he gave more details.
leaks
The Central Bank (BC) confirmed that there were three leaks of data from users using Pix in the last six months. In all, information on 576,785 keys was exposed, considering incidents at Banco do Estado de Sergipe (Banese), at Acesso Soluções de Pagamento and at Logbank Soluções em Pagamento.
The leaked data is restricted to user identification information, such as full name and CPF, as well as account number, bank branch number and Pix key type.
What happens is that when the Pix key is entered to make a transfer or payment, some recipient data that should not appear at the time of the transaction are being exposed, such as bank account data or the complete CPF number (when this is not the Pix key).
In the case of the most recent leak, reported on February 3, from LogBank, operations carried out on January 24 and 25 had this failure in more than 2 thousand keys. The first leak was reported on September 30, and affected more than 395,000 keys at Banco de Sergipe. On January 21, the BC disclosed that more than 160,000 Access Bank keys had been exposed.
Source: CNN Brasil
I am Sophia william, author of World Stock Market. I have a degree in journalism from the University of Missouri and I have worked as a reporter for several news websites. I have a passion for writing and informing people about the latest news and events happening in the world. I strive to be accurate and unbiased in my reporting, and I hope to provide readers with valuable information that they can use to make informed decisions.
