On Sunday Oct 17th Atento Security team detected irregular activity on one of our networks in Brazil. Immediately, we deployed all available cyber security protocols in order to contain, assess, and neutralize the threat.
From the beginning, our priority has been to ensure the protection and integrity of our customers and employees data. We have implemented all available cybersecurity protocols within our reach to assess, contain and neutralize the threat. Among the initiatives, to prevent any risk, we proactively isolate the impacted systems and also suspend external connections.
As the investigations progressed, it was found that personal data of employees/former employees of Atento Brasil Group companies were exposed.
Therefore, committed to transparency in the relationship with our employees, even with ongoing investigations, we provide some clarifications below.
For further questions regarding your personal data, please feel free to contact us by email xxxxxxxx
There is evidence that there was a data leak from our company’s systems and, striving for transparency with our employees/former employees, we believe it is important to share the implications that may result from this attack.
It is also worth noting that regardless of this communication, we continue to collaborate with the authorities and external consultants to mitigate the possible impacts of the attack.
Atento informed the competent authorities, including the police, as well as the authority responsible for the protection of personal data in Brazil. Thus, we are acting cautiously and cooperatively with all of them, seeking to mitigate any impacts that the criminal attack may cause to employees/former employees and customers.
Immediately, on Sunday (10/17/2021), Atento communicated the incident to the competent authorities. Once the security incident was identified, a Crisis Committee was established, involving the company’s executives, who decided to establish the following immediate actions:
Unfortunately, this type of attack has grown around the world, involving companies that operate in different segments. Brazil is the world’s second largest targeted country for cyber attacks, second only to the United States. To give you an idea, in the first half of 2021 alone, there were more than 439,000 attacks in the country.
Atento and its customers were another victim of this criminal act, which has affected the corporate systems of companies.
First of all, know that Atento is doing everything that is technically and legally possible to control the situation. There is a possibility for the cybercriminal group to publish data on the deep web or deep internet, which is not accessed by everyone. This does not mean that your data will be accessible to anyone on the Internet or that it will be known to everyone. However, we recommend that you keep an eye out for any suspicious activity on your devices, social media accounts, and email or bank account.
The technical analysis, in progress, has detected evidence that a data leak has occurred from our company’s systems. This evidence resulted in the exposure of some information from our employees/ex-employees as xxxxxxx
There is a possibility for the cybercriminal group to publish data on the deep web or deep internet, which is not accessed by everyone. This does not mean that your data will be accessible to anyone on the Internet or that it will be known to everyone. However, we recommend that you keep an eye out for any suspicious activity on your devices, social media accounts, and email or bank account.
Files with the personal data of employees/ex-employees were accessed. Although it is different in each case, the file contained identification and contact details, professional data and bank data, such as information about the branch and account for salary payment.
You can change your passwords and monitor any suspicious activity that might happen with your data.
Pay close attention to emails and, if you detect any suspicious emails, be careful and never open emails from unknown recipients.
In case of doubts regarding your bank account, contact your bank and monitor your account movements.
You can also check the Go to Have I Been Pwned website, which shows e-mails and passwords that have already been leaked, together with details of how they were leaked.
If you have any questions, please contact us via email xxxxxxxxxxx
Feel free to reach out to them if you think it is necessary. In addition, if you have noticed any suspicious activity with your data, regardless of other measures, please contact us via email xxxxxxxxxxx
Do not access websites that offer this type of information, it can be a trap to capture additional information.
Although we do not have personal passwords for our employees and this topic is not related to Atento, as an additional tip of known best practices for internet security issues, if you are interested in checking if your email or passwords have been ever leaked, we suggest you consult Go to Have I Been Pwned, a site that shows this type of information.
It is important to monitor suspicious emails, text messages and communications in the coming days, especially requests for information from strangers. In addition, you can check if your CPF was used for a loan on the website of the Central Bank of Brazil, available here for free registration – https://www.bcb.gov.br/cidadaniafinanceira/registrato
Atento already has strict protocols to guarantee the security of data, being certified with the highest standards and norms of information security, such as ISO 27001 – Information Security Management – and ISO 20,000 IT Service Management. In addition, Atento acts in accordance with the provisions of the General Law for Personal Data Protection . Even so, Atento will continue to implement measures for continuous improvement of its security structure. After all, the safety and protection of our employees and customers continue to be a priority for the company.
We will keep you updated on any new facts relating to the investigations and developments in the case. You can also contact protecaodedados@atento.com.br (to be created) for further clarification.
Cookie | Duration | Description | Provider |
---|---|---|---|
__cf_bm | 1 hour | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. | |
_GRECAPTCHA | 5 months 27 days | This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis. | |
_uetsid | 1 day | Bing Ads sets this cookie to engage with a user that has previously visited the website. | |
_uetvid | 1 year 24 days | Bing Ads sets this cookie to engage with a user that has previously visited the website. | |
_wpfuuid | 1 year 1 month 4 days | This cookie is used by the WPForms WordPress plugin. The cookie is used to allows the paid version of the plugin to connect entries by the same user and is used for some additional features like the Form Abandonment addon. | |
AtentoCom443Affinity | session | Description is currently not available. | |
AtentoCom443AffinityCORS | session | Description is currently not available. | |
cf_ob_info | 1 minute | The cf_ob_info cookie is set by Cloudflare to provide information on HTTP Status Code returned by the origin web server, the Ray ID of the original failed request and the data center serving the traffic. | |
cf_use_ob | 1 minute | Cloudflare sets this cookie to improve page load times and to disallow any security restrictions based on the visitor's IP address. | |
client_token | 10 hours | Dailymotion places this cookie as an anonymous access token used by the Video Player, to access the API that stores content metadata when a user is not authenticated. | |
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytical Cookies". | Atento |
cookielawinfo-checkbox-advertisement | 1 year | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertising Customization Cookies". | Atento |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Technical cookies". | Atento |
cookietest | session | Cookie used to remember the user’s acceptance of the privacy policy. | |
elementor | never | The website's WordPress theme uses this cookie. It allows the website owner to implement or change the website's content in real-time. | |
li_gc | 6 months | Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes. | |
lidc | 1 day | LinkedIn sets the lidc cookie to facilitate data center selection. | |
MSPTC | 1 year 24 days | Description is currently not available. | |
PHPSESSID | session | This cookie is native to PHP applications. The cookie stores and identifies a user's unique session ID to manage user sessions on the website. The cookie is a session cookie and will be deleted when all the browser windows are closed. | |
pll_language | 1 year | Polylang sets this cookie to remember the language the user selects when returning to the website and get the language information when unavailable in another way. | |
SRM_B | 1 year 24 days | Used by Microsoft Advertising as a unique ID for visitors. | |
ts | 1 year 1 month | This cookie is provided by the PayPal. It is used to support payment service in a website. | Paypal |
UserMatchHistory | 1 month | LinkedIn sets this cookie for LinkedIn Ads ID syncing. | |
usprivacy | 1 year 1 month | This is a consent cookie set by Dailymotion to store the CCPA consent string (mandatory information about an end-user being or not being a California consumer and exercising or not exercising its statutory right). | |
viewed_cookie_policy | 1 year | The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data. | |
VISITOR_PRIVACY_METADATA | 6 months | Description is currently not available. |
Cookie | Duration | Description | Provider |
---|---|---|---|
_clck | 1 year | Microsoft Clarity sets this cookie to retain the browser's Clarity User ID and settings exclusive to that website. This guarantees that actions taken during subsequent visits to the same website will be linked to the same user ID. | |
_clsk | 1 day | Microsoft Clarity sets this cookie to store and consolidate a user's pageviews into a single session recording. | |
_ga | 2 years | Used by Google Analytics to distinguish unique users by assigning a number generated randomly as a client identifier, making it possible to calculate visits and sessions. | |
_ga_* | 1 year 1 month 4 days | Google Analytics sets this cookie to store and count page views. | |
_gat_gtag_UA_160271668_1 | 1 minute | This is used to distinguish users and to limit the percentage of requests. | |
_gat_UA-160271668-1 | 1 minute | This is used to distinguish users and to limit the percentage of requests. | |
_gid | 1 day | Cookie used by Google Analytics to store and update a unique value for each page visited. | |
_hjAbsoluteSessionInProgress | 30 minutes | Cookies associated with HotJar web analytics services and functions, which uniquely identify a visitor during a specific browsing session and indicate that it is part of a sample of visitors. | HotJar |
_hjFirstSeen | 30 minutes | Cookies associated with HotJar web analytics services and functions, which uniquely identify a visitor during a specific browsing session and indicate that it is part of a sample of visitors. | HotJar |
_hjid | 1 year | This cookie is associated with HotJar web analytics services and functions, which uniquely identifies a visitor during a specific browsing session, and indicates that it is part of a sample of visitors. | HotJar |
_hjIncludedInPageviewSample | 2 minutes | Cookies associated with HotJar web analytics services and functions, which uniquely identify a visitor during a specific browsing session and indicate that it is part of a sample of visitors. | HotJar |
_hjIncludedInSessionSample_3164080 | 1 hour | Description is currently not available. | |
_hjSession_* | 1 hour | Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site. | |
_hjSessionUser_* | 1 year | Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site. | |
AnalyticsSyncHistory | 1 month | Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie. | |
CLID | 1 year | Microsoft Clarity set this cookie to store information about how visitors interact with the website. The cookie helps to provide an analysis report. The data collection includes the number of visitors, where they visit the website, and the pages visited. | |
dmvk | session | This cookie is set by the provider Dailymotion. This cookie is used for collecting statistical data of the visitor behaviour on the website. It is used for internal analytics. | Dailymotion |
MR | 7 days | This cookie, set by Bing, is used to collect user information for analytics purposes. | |
pardot | past | The pardot cookie is set while the visitor is logged in as a Pardot user. The cookie indicates an active session and is not used for tracking. | |
SM | session | Microsoft Clarity cookie set this cookie for synchronizing the MUID across Microsoft domains. | |
v1st | 1 year 1 month | This cookie is set by the provider TripAdvisor. This cookie is used to show user reviews, awards and information recieved on the community of TripAdvisor. It helps to collect information about how visitors use the website. | TripAdvisor |
Cookie | Duration | Description | Provider |
---|---|---|---|
_fbp | 3 months | This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website. | |
_gcl_au | 3 months | This is used to monitor how many times the people who click ads end up taking an action on the site. Google does not use them for customized ad orientation and it persists for just a limited time. | |
ANONCHK | 10 minutes | The ANONCHK cookie, set by Bing, is used to store a user's session ID and verify ads' clicks on the Bing search engine. The cookie helps in reporting and personalization as well. | |
bcookie | 1 year | LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs. | |
bscookie | 1 year | LinkedIn sets this cookie to store performed actions on the website. | |
CONSENT | 16 years 6 months 6 days 6 hours 9 minutes | Cookie that collects information on how the end user uses the website and any advertising that the end user of the website has seen. | |
fr | 3 months | The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin. | |
IDE | 1 year 24 days | Used to improve the advertising based on the content that is relevant for a user, improve the campaign performance reports and avoid showing ads to the user that they have already seen. | |
li_sugr | 3 months | LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant. | |
MUID | 1 year 24 days | Bing sets this cookie to recognise unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations. | |
sid | past | Measures the performance of the ads and provides recommendations – Google | |
test_cookie | 15 minutes | Used by Google DoubleClick to serve website visitors with relevant ads, and to check if the user's browser supports cookies. | |
VISITOR_INFO1_LIVE | 5 months 27 days | Attempts to calculate the user’s bandwidth on pages with embedded YouTube videos. | |
YSC | session | Records a unique identification to maintain statistics on which YouTube videos were seen by the user. | |
yt-remote-connected-devices | never | Stores the user’s video player preferences using embedded YouTube video | |
yt-remote-device-id | never | Stores the user’s video player preferences using embedded YouTube video. | |
yt.innertube::nextId | never | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. | |
yt.innertube::requests | never | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |