Cyber Incident Victim: Atento S.A.
Date:
Oct 2021
Location:
Brazil
Summary
A customer services firm experienced a cyberattack primarily affecting its Brazilian operations, leading to proactive system isolation and service interruptions. The company contained the threat within 24 hours, resumed limited services for some clients, and gradually restored data center operations while continuing investigations with consultants and authorities. Brazil represents a critical market for the organization, hosting over 45% of its global workforce and serving major telecommunications and banking clients. This incident follows recent cyberattacks against other prominent Brazilian companies, including an insurance group and a travel operator, amid broader concerns about underinvestment in cybersecurity across the country's businesses.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Atento S.A., a multinational customer service and business process outsourcing (BPO) firm, experienced a cyberattack impacting its operations primarily in Brazil around October 17, 2021. The company's security team initiated containment measures by proactively isolating affected systems to prevent potential risks to customers, resulting in suspended connections with Brazilian clients and service interruptions. Within 24 hours of detection, Atento contained the threat and began restoring limited services while continuing investigations with cybersecurity consultants and relevant authorities. Data center operations resumed first, with plans to progressively reactivate additional services following security validation of impacted environments. Brazil represented Atento's largest operational footprint, accounting for over 45% of its global workforce of 150,000+ employees and serving major clients including Banco Bradesco and Itaú Unibanco. The company maintained communication with customers throughout the incident but did not disclose technical details regarding the attack vector or potential data compromise.
This incident occurred amid heightened cyber threats targeting Brazilian enterprises, including a service-disrupting attack on insurance provider Porto Seguro the preceding week and a ransomware incident that paralyzed operations at travel operator CVC earlier that month. Industry context revealed systemic vulnerabilities, with a Marsh/Microsoft study indicating 56% of Brazilian companies allocated ≤10% of IT budgets to cybersecurity. Over half maintained pre-pandemic security investment levels despite increased remote work risks, while only 23% of organizations mandated company-provided devices for employees—a factor correlating with heightened incident exposure. Remote access security ranked as a top priority for merely 12% of surveyed Brazilian firms, underscoring operational challenges faced by Atento and peers in securing distributed workforce infrastructures during the pandemic era. The company's containment timeline and phased recovery approach reflected standard incident response protocols for critical infrastructure providers in the region.