Largest Brazilian bank exposes customer data

Summary:Mobile app users had access to information from other customers

Brazil's largest bank had to deal with a huge security breach of its mobile banking app as users had access to information about other customers at the institution.

Customers at Banco do Brasil (BB) using mobile banking through the bank's iOS and Android apps could get access to private data such as balance and statements from other, random account holders. The damage was not greater only because transfers and payments require a password.

The service affected users for about an hour on Monday (9) and was taken offline after the bank started to receive a barrage of complaints from hundreds of customers on Twitter. Yesterday, Banco do Brasil tweeted that it had identified the problem and that the service was back online "with stability."

A screenshot of the BB app | Image credit: Flavia Galveas (cc)


According to BB,  there has been some "inconsistency and intermittence" of customer information during the updating process of the apps, but the bank said its security systems "remained active" and "no data has been at risk in the event of financial transactions."

The bank does not disclose how many of its customers use the apps that it provides, but the app page on Google Play indicates that between one and five million users have downloaded the Android app.

The use of mobile banking in Brazil has gone by up 223,4 percent in the last year, according to the Brazilian Banking Federation.

Topics: Mobility, Security


Angelica Mari is ZDNet's Brazil Contributing Editor. She has relocated to Brazil, her home country, in 2011 after living and working in Europe for a decade. She started her professional life when she was 14, as a software trainer coaching executives at major Brazilian companies until the age of 17, when she started writing professionally.... Full Bio

Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.