Threatwatch

Brazilian banking giant’s app bares customer data

Accidentally leaked credentials

On Dec. 9, Banco do Brasil clients who conducted mobile banking through iOS and Android apps could see information such as balance and statements from other, random account holders. The damage would have been greater, had not transfers and payments been password protected.

The bank is Brazil’s largest. The issue lasted for about an hour. Company officials took the mobile service offline “after the bank started to receive a barrage of complaints from hundreds of customers on Twitter,” ZDnet reports.

Bank officials told the publication there has been some "inconsistency and intermittence" of customer information during the updating process of the apps, but the bank said its security systems "remained active" and "no data has been at risk in the event of financial transactions."

The app page on Google Play indicates that between one and five million users have downloaded the Android app.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.

sector

Financial Services

reported

December 11, 2013

reported by

ZDNet

number affected

Unknown

location of breach

Brazil

perpetrators

Employees

location of perpetrators

Brazil

date breach occurred

December 09, 2013

date breach detected

December 09, 2013