SPTrans says it was the target of a cyber attack and had registration data leaked

SPTrans reported this Friday (23) that it was the target of a cyber attack, resulting in the exposure of registration data of Bilhete Único users.

The company, which said it became aware of the attack on Thursday (15), said that the data exposed by third parties this month is based on the month of April 2020.

After confirming the case, SPTrans stressed that it requested the opening of a criminal investigation procedure to determine the origin and authorship of the leak.

“SPTrans repudiates the criminal act of which, together with the population, it was a victim and regrets the incident,” he said.

The leaked data contains 13 million registrations of Bilhete Único users with: name, social name, date of birth, CPF, RG, address, telephone number, affiliation, PIS, student registration, marital status, place of birth, gender, and -mail, in addition to the login and password for the SPTrans services portal on the internet.

According to SPTrans, there is no need for passengers to go to a service station. In addition, Bilhete Único cards remain active and the respective balances are preserved, with no losses in the credits used in the transport service.

The company reinforced that, since then, “it has been strengthening technical and security measures to protect the personal data of Bilhete Único users”, noting that it hired specialized cybersecurity companies.

“As a security measure, the communication instructs everyone to change their passwords on the Bilhete Único website. There will also be a publication on the SPTrans website and disclosure on social networks will be made over the next few days, aiming to reach as many people as possible”, reported SPTrans.