Cyber Incident Victim: Porto Seguro
Date:
Oct 2021
Location:
Brazil
Summary
Porto Seguro, a major Brazilian insurance company, experienced a cyberattack that disrupted its systems and customer service channels, prompting activation of security protocols and gradual restoration of operations. The firm reported no evidence of data leakage affecting clients, partners, or subsidiaries at the time of disclosure. As Brazil's third-largest insurer with millions of customers and extensive operations across multiple sectors, the incident occurred amid a surge of cyberattacks targeting prominent Brazilian organizations, including recent ransomware incidents impacting travel and retail sectors.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On October 14, 2021, Brazilian insurance leader Porto Seguro experienced a cyberattack causing significant system instability and disruption to customer service channels. The company formally notified Brazil’s Securities and Exchange Commission (CVM) that same day, confirming immediate activation of all security protocols. While Porto Seguro did not disclose technical details regarding the attack vector or perpetrator, it emphasized no evidence of data leakage involving corporate systems, subsidiaries, customers, partners, or personal information had been identified during initial assessments. Restoration efforts commenced promptly, with gradual recovery of operational environments prioritized to minimize business interruption across its insurance, credit, and service divisions. As Brazil’s third-largest insurer—dominating automotive and residential coverage markets—the incident impacted a client base exceeding 10 million individuals and operations spanning 13,000 employees in Brazil and Uruguay.
The attack occurred amid a surge of high-profile cyber incidents targeting major Brazilian corporations. Earlier in October 2021, travel operator CVC suffered a debilitating ransomware attack disclosed to CVM on October 2, paralyzing operations and forcing ongoing website notifications about service disruptions. Retail conglomerate Renner had similarly faced a three-day e-commerce shutdown from a ransomware attack in August 2021. Porto Seguro’s status as a financial services provider amplified scrutiny of its response, particularly given Brazil’s broader consumer anxiety over data security; a July 2021 Datafolha Institute study revealed only 13% of surveyed Brazilians felt their personal data was "very secure," while 21% explicitly considered it insecure. Despite operational challenges, Porto Seguro maintained public assurances regarding data integrity while focusing restoration efforts on critical infrastructure without specifying timelines for full normalcy.