Banco do Brasil Error Lets Clients See Balances of Others
Up to 5 million clients of Banco do Brasil could spy on fellow customers for an hour after a breach that allowed them to see strangers’ personal details, according to ZDNet. The vulnerabilities discovered on Monday only affected clients of the bank’s mobile app designed for both iOS and Android devices.
For about an hour, clients of Brazil’s biggest bank could peek at other customers’ private information such as balances and banking statements. As all transfers and payments are password-protected, the breach didn’t cause any financial damage. The bank also said its security systems “remained active” during the breach and “no data has been at risk in the event of financial transactions.”
Banco do Brasil faced with hundreds of customer complaints on Twitter and took the mobile service offline to fix the security vulnerabilities. After identifying the problem, the company put the service back online “with stability.”
The security incident was caused by “inconsistency and intermittence” of customer information while updating mobile apps, bank representatives said. Up to 5 million users have downloaded the Android app.
Mobile banking has become increasingly popular in Brazil in the last year, doubling the number of clients using mobile services for transactions and payments, according to the Brazilian Banking Federation.