The Central Bank of Brazil published an alert about a security incident arising from unauthorized access to a system operated by the Goiás State Public Prosecutor’s Office, involving personal data linked to Pix keys. It said no sensitive data were exposed, including passwords, transaction details, account balances, or other information protected by bank secrecy, and that the data obtained were limited to registration information that cannot be used to move funds or access accounts. Although not required under current legislation due to the low potential impact on users, the Central Bank decided to disclose the event publicly. The Public Prosecutor’s Office of Goiás will publish on its official website the only channel through which citizens can check whether any of their data were exposed. The Central Bank and financial and payment institutions will not contact affected users via messaging apps, phone calls, SMS, or email, and the Central Bank said it has taken the necessary actions to support a detailed investigation and will record the incident on its dedicated webpage for this type of security event.
Central Bank of Brazil 2026-03-17
Central Bank of Brazil discloses unauthorized access to Goiás State Public Prosecutor system involving Pix key personal data
The Central Bank of Brazil alerted about unauthorized access to a system operated by the Goiás State Public Prosecutor’s Office, affecting personal data linked to Pix keys. No sensitive data, like passwords or transaction details, were exposed, only registration information. The Central Bank disclosed the event publicly, is supporting a detailed investigation, and advised it will not contact affected users directly.