Bradesco Securities, Inc.

The Vermont Office of the Attorney General disclosed a data breach affecting **Bradesco Securities, Inc.** on **July 28, 2023**, after detecting unauthorized access to its systems on **July 11, 2023**. The incident involved the compromise of **sensitive employee information**, specifically **Social Security numbers (SSNs) and state identification numbers**. While the exact number of impacted individuals remains undisclosed, the breach poses significant risks, including potential identity theft, financial fraud, or targeted phishing attacks against employees. The exposure of such highly sensitive data underscores vulnerabilities in the company’s cybersecurity defenses, particularly in safeguarding personally identifiable information (PII). Given the nature of the stolen data, affected employees may face long-term repercussions, including credit score damage, unauthorized account openings, or misuse of their identities for illicit activities. The breach also raises concerns about internal security protocols, as the unauthorized access went undetected for an unspecified period before discovery.

Source: https://ago.vermont.gov/document/2023-07-28-bradesco-securities-data-breach-notice-consumers

TPRM report: https://www.rankiteo.com/company/bradesco

"id": "bra734082025",
"linkid": "bradesco",
"type": "Breach",
"date": "7/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'customers_affected': 'Unknown (employees affected)',
                        'industry': 'Securities/Investment',
                        'location': 'Vermont, USA (reported by Vermont AG)',
                        'name': 'Bradesco Securities, Inc.',
                        'type': 'Financial Services'}],
 'data_breach': {'data_exfiltration': 'Likely (unauthorized access confirmed)',
                 'number_of_records_exposed': 'Unknown',
                 'personally_identifiable_information': ['Social Security '
                                                         'numbers',
                                                         'state identification '
                                                         'numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)']},
 'date_detected': '2023-07-11',
 'date_publicly_disclosed': '2023-07-28',
 'description': 'The Vermont Office of the Attorney General reported a data '
                'breach incident involving Bradesco Securities, Inc. The '
                'breach involved unauthorized access to sensitive employee '
                'information, including Social Security numbers and state '
                'identification numbers.',
 'impact': {'data_compromised': ['Social Security numbers',
                                 'state identification numbers'],
            'identity_theft_risk': 'High (SSNs and state IDs exposed)'},
 'investigation_status': 'Ongoing (number of affected individuals unknown)',
 'references': [{'date_accessed': '2023-07-28',
                 'source': 'Vermont Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'Vermont Office of the '
                                                       'Attorney General'},
 'response': {'communication_strategy': 'Public disclosure via Vermont AG'},
 'title': 'Bradesco Securities, Inc. Data Breach (2023)',
 'type': 'Data Breach'}