Hackers Stealed Customer Data, Report Xp Investments

XP Investimentos, the country's largest brokerage firm, is investigating a data leak in its customer base. A file containing sensitive customer information - such as full name, CPF number, e-mail address, and phone number - has been emailed to victims in recent weeks. The shared text file contains personal data of more than 29,000 people, although it does not include investment information.
According to one of the victims, who spoke to the state on condition of anonymity, the file was sent to his mailbox early yesterday, along with a letter threatening the brokerage firm. "I called XP and they told me not to open the files, but I had already looked," the source said. "Then a partner from the company called me and confirmed the leak."

Asked by the State, XP reported that "Criminals obtained basic information from certain customers between 2013 and 2014." The company said it then identified "isolated fraud" with three clients, which was remedied without financial loss to those involved. The company says that the same offenders have recently released the records on the web. The purpose would be to extort the company. "The leak of information is a criminal offense and the company is taking all legal measures," XP said in a statement.
XP added that the case is being investigated by the Federal Police and the Public Prosecutor's Office, in a lawsuit filed in a court of secrecy.


Sought, the press office of the Superintendency of the Federal Police in São Paulo, reported that there are some processes with protocols that refer to XP Investimentos, but said that it would not be possible to consult the contents of the files still yesterday. The Public Prosecutor's Office of São Paulo has not confirmed whether there is any investigation into the case in progress until the closing of this edition.

The leak occurs at a delicate time for XP. The company is preparing to open the capital on BM & FBovespa. The expectation is to make the initial IPO in the coming months. The company is controlled by executive partners, which have a 57% stake in the brokerage house, with Guilherme Benchimol as the main shareholder. The remaining shares are with General Atlantic (33%) and Actis (10%).

In an aggressive strategy, XP tries to show itself as an option for investments in traditional banks, charging zero administration fee on investments. The brokerage firm now has around 200.000 clients, compared to just over 100.000 in 2015.

In December 2016 , the company anounced the purchase of 100 per cent of the capital of rival Rico Corretora, in a business between  300 million and 400 million, according to Broadcast, Grupo Estados real-time news .

Reasons. According to an information security expert consulted by the state, data leaks can occur in any industry. "It seems like companies are indestructible, but they are not. An employee who left angry can pass the password to someone else. It's that simple."
For the client heard by the report, which had his data exposed on the internet, it is an unforgivable sin for those who have the custody of their investments. "The breach of trust is very serious," he said. "I'm not going to sue XP, but I'm going to take my investments elsewhere."