XP Inc. reported on Thursday that it identified unauthorized access to an external supplier database. The incident occurred on March 22 and, “immediately, the company looked at this access and reported the case the competent authorities.”
According to the company, the resources of all customers are safe and protected. “No financial operation was performed. No information was accessed such as password, electronic signature and biometrics, and not even CPF or identity document,” said XP.
Still according to the company, no internal system has been reached, and all operations continue to function normally. “The use of XP Inc. applications and websites can continue to be performed normally and no password is required,” said XP. The company informed investors that it had no financial impact.
Unauthorized access
Unlike a hacker attack, unauthorized access occurs when a person or business has, in most cases, momentary visibility to information from a particular group of customers, without being allowed to do so.
In the case of XP, according to the company, customers’ personal information is not being shared or publicized publicly. “The account and investments of customers, who were all communicated by email, are in total security, because no internal system of XP Inc. has been accessed,” the company said.
Attention
The company always guides customers to distrust telephone calls on security procedures and purchase or transactions recognition. “Never change or perform any action in the application under the guidance of any telephone contact. XP does not request password data, token or any code received by SMS or email,” he said.
