A found evidence that a Serpro server (a state-owned data processing company) provided to the Tax Authorities is involved in breaching the confidentiality of ministers of the (Supreme Federal Court) and their families. According to the initial investigation, the server, based in Rio de Janeiro, had irregularly accessed the IRS systems and delivered data to other people.
There is still no information on the name of the suspect or the identity of whoever received the material.
The news of the IRS data leak comes in the wake of the Master case, settled by the Central Bank last year and which has already led to Federal Police operations in Brasília, São Paulo and other states.
According to the initial investigation, the employee was already the target of another investigation by the Internal Revenue Service and the Federal Police regarding data leaks.
An overlap of the same server was detected in both cases, which made the authorities accelerate the operation carried out this Tuesday morning (17). Four search and seizure warrants were executed in the states of São Paulo, Rio de Janeiro and Bahia.
The tracking carried out by the Revenue identified inappropriate access, how long the pages were viewed and whether the tax data was downloaded or printed.
The access mapping also took into account the people who were authorized to enter the system through a power of attorney.
A robot was used to survey the systems and verify the breach of confidentiality of ministers and their families (mothers, fathers, spouses and children). This is a list that involves more than 100 people, as revealed by Sheet.
The first part of the Revenue survey was sent to the minister, who had requested the information. It was based on this information that the operation was authorized.
Moraes was informed that there was access to the statement from his wife, lawyer Viviane Barsi.
Her office was hired by Master for R$3.6 million per month to help defend the institution’s interests, according to information
Other members of the Court were also informed that their family members’ data had been consulted irregularly. The ex-wives of Minister Dias Toffoli, Roberta Rangel, and Gilmar Mendes, Guiomar Feitosa, are on the list of possible targets for undue access.
According to the Revenue, the STF requested the body on January 12 to audit its systems to identify deviations in access to data from Court ministers, relatives and others over the last three years. The work was included in a procedure that had already been opened the previous day by the Internal Revenue Service, based on news published in the press.
According to the IRS, since 2023 data access controls have been expanded, with strong restrictions on access profiles and expansion of alerts. Seven disciplinary processes were concluded during the period, with three dismissals and sanctions for the others.
The IRS still has ten administrative processes in progress, according to people familiar with the matter.
