Customer services firm Atento hit by cyberattack

The company's Brazilian operation has seen the most significant impact.

Special Feature

A Winning Strategy for Cybersecurity

The smartest companies now approach cybersecurity with a risk management strategy. Learn how to make policies to protect your most important digital assets.

Read More

Business process outsourcing (BPO) and customer relationship management multinational Atento has been hit by a cyberattack, with the greatest impact seen in Brazil, its largest operation in Latin America.

The Madrid-headquartered firm informed its customers on Sunday (October 17) about the attack against its systems in Brazil, which caused an interruption of service as the company sought to contain and evaluate the extent of the threat, according to local news website Neofeed.

Atento's note to customers added that its security team was working towards containing it and ensuring the security of the affected environments before bringing them back online as soon as possible.

Contacted by ZDNet, the company confirmed the incident and said in a statement that in order to prevent any potential risk to customers, the company "proactively isolated" the impacted systems. This resulted in the suspension of connections with customers in Brazil and a service interruption.

"Investigations are still ongoing, and the company continues to work closely with its consultants and the relevant authorities to assess the incident's business impact and take appropriate action", the company noted.

Atento stressed that it was able to contain the threat within 24 hours and start providing limited service to some customers. Data center operations have already resumed and the company will start to progressively resume more services.

Brazil is one of Atento's main global markets. More than 45% of the company's global workforce, which employs over 150,000 people, is concentrated in the Brazilian operation, which serves major telecommunications companies and banks such as Bradesco and Itaú.

The BPO firm is the latest of a string of companies operating in Brazil that have suffered cyberattacks recently. Last week, one of Brazil's largest insurance groups, Porto Seguro, suffered a cyberattack that resulted in instability to its service channels and some of its systems.

Another company also targeted by cybercriminals, CVC, one of the country's largest travel operators, was hit by a ransomware attack that brought its operations to a standstill earlier this month.

Despite the increase in security threats, 56% of the Brazilian companies currently invest 10% or less of their IT budget in cybersecurity, according to a study by consulting firm Marsh on behalf of Microsoft. The research noted that 52% of Brazilian organizations said investments in security had not changed since the start of the pandemic.

In terms of employee practices around security, only 23% of the Brazilian organizations that took part in the study said their workforce is using company-provided equipment to work. The study noted this practice significantly increased exposure to some type of cyber incident, but remote access security is a priority for only 12% of respondents and the second item on the list for 7% of respondents.

Updated on Oct 22 2021 6:17 PM EST to add Atento's statement