On Sunday Oct 17th Atento Security team detected irregular activity on one of our networks in Brazil. Immediately, we deployed all available cyber security protocols in order to contain, assess, and neutralize the threat.
From the beginning, our priority has been to ensure the protection and integrity of our customers and employees data. We have implemented all available cybersecurity protocols within our reach to assess, contain and neutralize the threat. Among the initiatives, to prevent any risk, we proactively isolate the impacted systems and also suspend external connections.
As the investigations progressed, it was found that personal data of employees/former employees of Atento Brasil Group companies were exposed.
Therefore, committed to transparency in the relationship with our employees, even with ongoing investigations, we provide some clarifications below.
For further questions regarding your personal data, please feel free to contact us by email xxxxxxxx
There is evidence that there was a data leak from our company’s systems and, striving for transparency with our employees/former employees, we believe it is important to share the implications that may result from this attack.
It is also worth noting that regardless of this communication, we continue to collaborate with the authorities and external consultants to mitigate the possible impacts of the attack.
Atento informed the competent authorities, including the police, as well as the authority responsible for the protection of personal data in Brazil. Thus, we are acting cautiously and cooperatively with all of them, seeking to mitigate any impacts that the criminal attack may cause to employees/former employees and customers.
Immediately, on Sunday (10/17/2021), Atento communicated the incident to the competent authorities. Once the security incident was identified, a Crisis Committee was established, involving the company’s executives, who decided to establish the following immediate actions:
Unfortunately, this type of attack has grown around the world, involving companies that operate in different segments. Brazil is the world’s second largest targeted country for cyber attacks, second only to the United States. To give you an idea, in the first half of 2021 alone, there were more than 439,000 attacks in the country.
Atento and its customers were another victim of this criminal act, which has affected the corporate systems of companies.
First of all, know that Atento is doing everything that is technically and legally possible to control the situation. There is a possibility for the cybercriminal group to publish data on the deep web or deep internet, which is not accessed by everyone. This does not mean that your data will be accessible to anyone on the Internet or that it will be known to everyone. However, we recommend that you keep an eye out for any suspicious activity on your devices, social media accounts, and email or bank account.
The technical analysis, in progress, has detected evidence that a data leak has occurred from our company’s systems. This evidence resulted in the exposure of some information from our employees/ex-employees as xxxxxxx
There is a possibility for the cybercriminal group to publish data on the deep web or deep internet, which is not accessed by everyone. This does not mean that your data will be accessible to anyone on the Internet or that it will be known to everyone. However, we recommend that you keep an eye out for any suspicious activity on your devices, social media accounts, and email or bank account.
Files with the personal data of employees/ex-employees were accessed. Although it is different in each case, the file contained identification and contact details, professional data and bank data, such as information about the branch and account for salary payment.
You can change your passwords and monitor any suspicious activity that might happen with your data.
Pay close attention to emails and, if you detect any suspicious emails, be careful and never open emails from unknown recipients.
In case of doubts regarding your bank account, contact your bank and monitor your account movements.
You can also check the Go to Have I Been Pwned website, which shows e-mails and passwords that have already been leaked, together with details of how they were leaked.
If you have any questions, please contact us via email xxxxxxxxxxx
Feel free to reach out to them if you think it is necessary. In addition, if you have noticed any suspicious activity with your data, regardless of other measures, please contact us via email xxxxxxxxxxx
Do not access websites that offer this type of information, it can be a trap to capture additional information.
Although we do not have personal passwords for our employees and this topic is not related to Atento, as an additional tip of known best practices for internet security issues, if you are interested in checking if your email or passwords have been ever leaked, we suggest you consult Go to Have I Been Pwned, a site that shows this type of information.
It is important to monitor suspicious emails, text messages and communications in the coming days, especially requests for information from strangers. In addition, you can check if your CPF was used for a loan on the website of the Central Bank of Brazil, available here for free registration – https://www.bcb.gov.br/cidadaniafinanceira/registrato
Atento already has strict protocols to guarantee the security of data, being certified with the highest standards and norms of information security, such as ISO 27001 – Information Security Management – and ISO 20,000 IT Service Management. In addition, Atento acts in accordance with the provisions of the General Law for Personal Data Protection . Even so, Atento will continue to implement measures for continuous improvement of its security structure. After all, the safety and protection of our employees and customers continue to be a priority for the company.
We will keep you updated on any new facts relating to the investigations and developments in the case. You can also contact protecaodedados@atento.com.br (to be created) for further clarification.
Cookie | Duration | Description | Provider |
---|---|---|---|
_GRECAPTCHA | 5 months 27 days | This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis. | |
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytical Cookies". | Atento |
cookielawinfo-checkbox-advertisement | 1 year | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertising Customization Cookies". | Atento |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Technical cookies". | Atento |
cookietest | session | Cookie used to remember the user’s acceptance of the privacy policy. | |
ts | 1 year 1 month | This cookie is provided by the PayPal. It is used to support payment service in a website. | Paypal |
Cookie | Duration | Description | Provider |
---|---|---|---|
_ga | 2 years | Used by Google Analytics to distinguish unique users by assigning a number generated randomly as a client identifier, making it possible to calculate visits and sessions. | |
_gat_gtag_UA_160271668_1 | 1 minute | This is used to distinguish users and to limit the percentage of requests. | |
_gat_UA-160271668-1 | 1 minute | This is used to distinguish users and to limit the percentage of requests. | |
_gid | 1 day | Cookie used by Google Analytics to store and update a unique value for each page visited. | |
_hjAbsoluteSessionInProgress | 30 minutes | Cookies associated with HotJar web analytics services and functions, which uniquely identify a visitor during a specific browsing session and indicate that it is part of a sample of visitors. | HotJar |
_hjFirstSeen | 30 minutes | Cookies associated with HotJar web analytics services and functions, which uniquely identify a visitor during a specific browsing session and indicate that it is part of a sample of visitors. | HotJar |
_hjid | 1 year | This cookie is associated with HotJar web analytics services and functions, which uniquely identifies a visitor during a specific browsing session, and indicates that it is part of a sample of visitors. | HotJar |
_hjIncludedInPageviewSample | 2 minutes | Cookies associated with HotJar web analytics services and functions, which uniquely identify a visitor during a specific browsing session and indicate that it is part of a sample of visitors. | HotJar |
dmvk | session | This cookie is set by the provider Dailymotion. This cookie is used for collecting statistical data of the visitor behaviour on the website. It is used for internal analytics. | Dailymotion |
v1st | 1 year 1 month | This cookie is set by the provider TripAdvisor. This cookie is used to show user reviews, awards and information recieved on the community of TripAdvisor. It helps to collect information about how visitors use the website. | TripAdvisor |
Cookie | Duration | Description | Provider |
---|---|---|---|
_fbp | 3 months | This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website. | |
_gcl_au | 3 months | This is used to monitor how many times the people who click ads end up taking an action on the site. Google does not use them for customized ad orientation and it persists for just a limited time. | |
CONSENT | 16 years 6 months 6 days 6 hours 9 minutes | Cookie that collects information on how the end user uses the website and any advertising that the end user of the website has seen. | |
fr | 3 months | The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin. | |
IDE | 1 year 24 days | Used to improve the advertising based on the content that is relevant for a user, improve the campaign performance reports and avoid showing ads to the user that they have already seen. | |
sid | past | Measures the performance of the ads and provides recommendations – Google | |
test_cookie | 15 minutes | Used by Google DoubleClick to serve website visitors with relevant ads, and to check if the user's browser supports cookies. | |
VISITOR_INFO1_LIVE | 5 months 27 days | Attempts to calculate the user’s bandwidth on pages with embedded YouTube videos. | |
YSC | session | Records a unique identification to maintain statistics on which YouTube videos were seen by the user. | |
yt-remote-connected-devices | never | Stores the user’s video player preferences using embedded YouTube video | |
yt-remote-device-id | never | Stores the user’s video player preferences using embedded YouTube video. |