In March 2025, Brazil recorded the first data leak of the year involving the PIX payment system. The incident, confirmed by the Central Bank, affected 25,349 keys linked to a financial institution authorized to operate by the Central Bank. Although no passwords or transaction details were exposed, the leaked data included name, masked CPF, financial institution, branch and account type.

What may not seem like much at first glance is, in practice, a gold mine for fraudsters. This data is enough to carry out social engineering scams, impersonate banking services and trick victims by phone or email.
More than an isolated event, this leak symbolizes a change in the financial security game: attacks are no longer focused solely on systems, but on identities.
The scale of the problem: Brazil at the epicenter of digital fraud
The leak in March 2025 reinforces an alarming trend: Brazil occupies a prominent position on the global map of cyber threats. This is not an isolated case. Brazil has established itself as one of the countries most affected by cybercrime. According to recent data from Surfshark, the country led the way in breached accounts in Latin America in 2024, with 84.6 million accounts compromised - a 2,400% jump on the previous year.
This reality is exacerbated by the success of PIX. In 2024, the system handled R$26.4 trillion, consolidating its position as the country's main means of payment. The platform's growth, while positive for the economy, has made it an even more attractive environment for cybercriminals.
Faced with this new landscape, the need for a more strategic approach is growing, with data and identity protection taking center stage.
The new frontier of cybersecurity: identities and access
Identity is the new perimeter
As organizations become more connected, distributed and exposed to new operating models, the concept of the security perimeter is changing. This change in the digital security landscape shows that it is no longer enough to protect systems: people and their credentials must be protected. In an era of distributed environments, home offices, cloud computing and interconnected systems such as PIX, identity has become the new perimeter.
The key: identity and access governance
To protect identities, it is essential to adopt a structured approach to governance. Identity governance consists of practices and technologies that ensure that only the right people have access to the right resources at the right time. It automates access grants and revocations, detects suspicious behavior and enforces compliance with laws and standards such as LGPD, SOX and ISO.
This change in mentality requires companies to abandon one-off approaches and adopt robust solutions that go from strategy to execution.
Why does PIX increase the risk?
Although PIX is a robust and successful technology, its exponential growth and integration with various banking systems and digital applications have brought new concerns to the fore. The recent data leak associated with the system illustrates how any loophole, no matter how small, can be exploited by malicious actors.
But the real problem is not with PIX itself, but with the way companies deal with data security and access. The absence of identity governance, inadequate controls over who accesses what and a lack of visibility over permissions and integrations are the real triggers for attacks and fraud.
This type of incident is not limited to PIX: it is a symptom of a structural flaw in the digital security of many organizations. Payment systems, e-commerce platforms, cloud applications and even internal HR and financial areas are potential targets when identities are unprotected.
The point here is clear: identity data is the new battleground for cyber security. And to win it, we need to change our approach from reaction to prevention, from the perimeter to identity.
Most common frauds after data leaks
It's no wonder that the number of frauds increases after leaks. When personal and financial data fall into the wrong hands, they become raw material for highly targeted attacks. Scammers use this information to carry out social engineering at increasingly sophisticated levels, creating traps that are almost imperceptible to the average user.
One of the most common scams is personalized phishing, which simulates official communications and uses real data to mislead the victim. Another common technique is SIM swapping, which involves cloning a cell phone's SIM card to intercept authentication codes and take control of digital accounts. Scams via messaging apps such as WhatsApp are also common - often simulating calls from banks or support centers.
In addition, criminals have exploited PIX charges with extreme creativity, generating fake payment slips or QR codes to trick unsuspecting users. The combination of leaked data and the speed of transactions makes fraud almost invisible, especially without a governance system to control and monitor access.
The link between exposed data and financial losses is getting shorter - and more dangerous.
How SailPoint helps prevent financial leaks and fraud
In an environment where the speed of cyber attacks rivals the agility of the payment systems themselves, relying solely on traditional methods of defense is a risky bet. What companies need is a solution that anticipates threats, automates critical processes and offers total visibility over the identities operating within the organization. Intelligence and automation are needed to predict risks and act before damage occurs. This is exactly what the SailPoint platform delivers.
Critical functionalities for the PIX and financial context
SailPoint automates the lifecycle of digital identities. With it, each new user receives exactly the access they need - nothing more, nothing less. This granularity drastically reduces the chances of improper or neglected access.
In addition, real-time auditing makes it possible to track everything that happens, while artificial intelligence detects unusual patterns that could indicate attempted breaches. Segregation of duties prevents the same employee from concentrating dangerous access, and third-party access management ensures that partners and suppliers also adhere to strict security standards.
How would Asper protect your digital identity in situations like this?
When sensitive data is exposed, as we saw in the PIX case, what is really at risk is the identity behind it. And protecting identities is exactly what we do at Asper.
More than a security solutions integrator, we act as strategic consultants, delivering customized identity governance projects. We combine in-depth technical knowledge, close ties to the largest platforms on the market, such as SailPoint, and real experience with large companies.
We implement technologies that automate, audit and control every access. From the first diagnosis to ongoing support, our mission is to ensure that no breach goes unnoticed and that your organization is prepared to respond to and prevent the risks of the new digital landscape.
Asper's differentiators
With a highly specialized team and a solid track record with enterprise companies, Asper positions itself not just as a technology provider, but as a true digital transformation partner. What sets it apart is translating a robust platform like SailPoint into practical results, adapting its application to the operational reality of each organization.
From the initial diagnosis to ongoing support, Asper accompanies the client through each phase of the project. This includes precise access mapping, designing governance policies, automating critical flows and training internal teams to ensure autonomy and scalability.
In addition, Asper's consultative approach promotes a strategic vision of security, integrating identity governance with business objectives. The result is an operation that is more secure, agile and prepared to face current risks with intelligence and solidity.
This guarantees not only protection, but also performance, visibility and sustainable results.
Which sectors are most vulnerable?
Faced with this scenario, some sectors need to sound the alarm even more urgently. Financial institutions and fintechs are naturally at high risk because they deal with critical transactions and sensitive data, which requires extremely strict control over who accesses their infrastructures.
In the same vein, e-commerce sites and marketplaces operate with high exposure of personal data and process instant payments, which increases vulnerability to targeted attacks and sophisticated fraud.
Hospitals, clinics and healthcare operators face the dual challenge of protecting financial and medical data, and are one of the favorite targets of ransomware and internal leaks.
On the other hand, public and educational institutions face budgetary barriers and outdated technological structures, which compromise visibility and control over access to systems. Often, in these sectors, excessive permissions remain active for long periods, expanding the attack surface.
For all these sectors, identity governance is not an option: it is a strategic pillar that guarantees continuity, reputation and compliance in an increasingly hostile environment.
From warning to action
The PIX data leak in 2025 was not an isolated case. It was a wake-up call - and perhaps, for many, an ultimatum. The incident exposed, once again, the fragility of organizations that still operate without clear governance over access and identities. In times of highly targeted and sophisticated attacks, to continue treating identity security as something secondary is to ignore a real, growing and potentially costly risk. This kind of negligence not only jeopardizes operations, but can also damage reputation and market confidence.
The good news is that there are mature solutions, such as SailPoint, capable of solving the problem. And with Asper as a strategic partner, the protection journey gains clarity, confidence and results.
Protect what sustains your operation now.