Brazilian bank Inter pays fine over customer data leak

Brazilian bank Inter has achieved a settlement over a major security flaw that leaked data of nearly 20 thousand account holders earlier this year.

Under the conclusion for the case, announced by Brazil's Public Prosecutor's Office (PPO) on December 18, the bank will pay 1.5 million reais ($382,000) as a means to repair the collective moral damages related to the incident.

read this

Banks must move past PIN, OTP to ensure mobile security

PINs and one-time passwords should be abolished as a form of authentication.

Read now

In July, the PPO's special unit focused on matters related to data protection and artificial intelligence filed a lawsuit against the bank, following investigations that began in May and confirmed the exposure of the customer data, digital certificates and the bank's AWS EC2 private access details.

According to the coordinator of the commission working on the incident, prosecutor Frederick Meinberg, Inter has attempted to cover up the security incident, which has "generated moral damages and insecurity to customers, not customers, investors, shareholders, ecosystems of fintechs and Brazilian data startups."

"[The attempts to hide the incident also damaged] the reliability of the migration of processing services, storage and cloud computing of financial institutions, " Meinberg said.

The fine will go towards public institutions focused on cybercrime and charity institutions, to be determined by the PPO.