RIO DE JANEIRO, BRAZIL – The National Secretariat of Consumer (SENACON) and the Ministry of Justice and Public Security (MJSP) reported on Monday, September 16th, that an administrative proceeding against TIM has been filed to investigate alleged leaks of data and amounts of consumer debts.
In a note, TIM said that “it was the victim of a criminal attack by hackers and has not yet been notified of the SENACON fine or when it will present a defense in the administrative procedure”.
According to SENACON, the alleged leak of sensitive data would have happened on the ‘TIM Negocia’ service. The platform allows the operator’s customers to check debts and negotiate forms of payment, but the platform may have been vulnerable to allowing criminals to view personal data, as well as thousands of customer debt amounts.
SENACON’s Consumer Protection and Defense Department said it is not known how long hackers have had access to the system or how many customers they have actually been able to view over that time.
TIM must now be subpoenaed to defend itself administratively. If the suspicions are confirmed, the operator may be fined about R$10 million (US$2.5 million).
Source: G1