DISCOVERING DIGITAL BREAKS: A COMPARATIVE STUDY OF DATA BREACHES AT VTECH, C&A AND SERASA EXPERIAN
um estudo comparativo das violações de dados na VTech, C&A e Serasa Experian
DOI:
https://doi.org/10.31510/infa.v21i2.2087Keywords:
Cybersecurity, data breaches, SQL Injection, Phishing, encryptionAbstract
The article addresses the growing importance of cybersecurity in the current context, where digital devices are increasingly present in daily activities. Focused on three case studies – VTech, C&A and Serasa Experian – the work examines how security flaws allowed data breaches that compromised the sensitive information of millions of people. The methodology used is bibliographic, analyzing academic sources and safety reports. The article details attack techniques, such as SQL Injection, Phishing and Brute Force, in addition to proposing measures to mitigate such threats, such as encryption, multi-factor authentication and continuous employee training. It concludes that the combination of advanced technologies and educational practices is essential to reduce cyber attacks and improve companies' digital security, but points out limitations in data on companies' responses to breaches. Finally, it recommends future research to evaluate the effectiveness of the security measures adopted.
Downloads
References
APWG. Phishing Activity Trends Report. 2023. Disponível em: <https://www.apwg.org/trendsreports/>. Acesso em: 24 set. 2024.
BBC. Vtech breach: Passwords ‘not securely stored’. Disponível em: <https://www.bbc.com/news/technology-35101049>. Acesso em: 14 set. 2024.
BBC NEWS. Technology news. Disponível em: <https://www.bbc.com/news/technology-45446529>. Acesso em: 2 set. 2024.
BBC NEWS. Technology news. Disponível em: <https://www.bbc.co.uk/news/technology-54568784>. Acesso em: 2 set. 2024.
BRAZIL: Largest personal data leakage exposes 223 million people. Disponível em: <https://www.business-humanrights.org/en/latest-news/brazil-largest-personal-data-leakage-exposes-223-million-people-and-includes-facial-images-salary-credit-score-addresses-and-tax-identifiers/>. Acesso em: 3 set. 2024.
C&A GLOBAL. História da C&A. Disponível em: <https://www.c-and-a.com/uk/en/corporate/company/history> Acesso em: 19 set. 2024.
CSO ONLINE. Marriott data breach FAQ: How did it happen and what was the impact? Disponível em: <https://www.csoonline.com/article/567795/marriott-data-breach-faq-how-did-it-happen-and-what-was-the-impact.html>. Acesso em: 2 set. 2024.
FORBES. 5 ataques cibernéticos no Brasil em 2021 que geraram alerta. Disponível em: <https://forbes.com.br/forbes-tech/2021/12/5-ataques-ciberneticos-no-brasil-em-2021-que-geraram-alerta/>. Acesso em: 9 set. 2024.
FRANCESCHI-BICCHIERAI, Lorenzo. VTech hack exposes millions of users’ data. Vice, 02 dez. 2015. Disponível em: <https://www.vice.com/en/article/one-of-the-largest-hacks-yet-exposes-data-on-hundreds-of-thousands-of-kids/>. Acesso em: 11 set. 2024.
LEXOLOGY. Brazil´s biggest data leak to date: 220 million people affected. Disponível em: https://www.lexology.com/library/detail.aspx?g=f8cba4de-b585-4716-8684-9cb7cdf71024. Acesso em: 5 set. 2024.
NIST. Digital Identity Guidelines. 2023. Disponível em: <https://pages.nist.gov/800-63-3/sp800-63b.html>. Acesso em: 24 set. 2024.
OWASP. SQL Injection. 2023. Disponível em: <https://owasp.org/www-community/attacks/SQL_Injection>. Acesso em: 24 set. 2024.
RETAIL DIVE. C&A launches new e-commerce platform. Disponível em: <https://www.retaildive.com/news/ca-launches-new-e-commerce-platform/567890/>. Acesso em: 2 set. 2024.
SERASA EXPERIAN. Ano de 2021 bate recorde com mais de 4 milhões de tentativas de fraude. Disponível em: <https://www.serasaexperian.com.br/sala-de-imprensa/analise-de-dados/ano-de-2021-bate-recorde-com-mais-de-4-milhoes-de-tentativas-de-fraude-revela-serasa-experian/>. Acesso em: 5 set. 2024.
SERASA EXPERIAN. Ano de 2021 bate recorde com mais de 4 milhões de tentativas de fraude, revela Serasa Experian. Disponível em: <https://www.serasaexperian.com.br/sala-de-imprensa/analise-de-dados/ano-de-2021-bate-recorde-com-mais-de-4-milhoes-de-tentativas-de-fraude-revela-serasa-experian/>. Acesso em: 9 set. 2024.
SERASA EXPERIAN. Quem somos? Disponível em: <https://www.serasaexperian.com.br/sobre-nos/quem-somos/>. Acesso em: 3 set. 2024.
SOLMS, R.; NIEKERK, J. Information security management: Theory and practice. South African Journal of Information Management, v. 15, n. 1, p. 1-10, 2013.
STALINGS, W. Computer security: Principles and practice. 4. ed. Boston: Pearson, 2020.
VALENTE, Jonas. MPDFT abre inquérito para apurar vazamento de dados de clientes da C&A. Agência Brasil, Brasília, 03 set. 2018. Disponível em: <https://agenciabrasil.ebc.com.br/geral/noticia/2018-09/mpdft-abre-inquerito-para-apurar-vazamento-de-dados-de-clientes-da-ca>. Acesso em: 11 set. 2024.
VERIZON. Data breach investigations report. 2021. Disponível em: <https://enterprise.verizon.com/resources/reports/dbir/>. Acesso em: 15 set. 2024.
VTECH HOLDINGS LIMITED. Annual Report 2024. Disponível em: <https://www.vtech.com>. Acesso em: 14 set. 2024.
WELIVESECURITY. Serasa é notificada sobre vazamento de dados de 223 milhões de brasileiros. Disponível em: <https://www.welivesecurity.com/br/2021/01/29/serasa-e-notificada-sobre-vazamento-de-dados-de-223-milhoes-de-dados-de-brasileiros/>. Acesso em: 9 set. 2024.
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Revista Interface Tecnológica
This work is licensed under a Creative Commons Attribution 4.0 International License.
Os direitos autorais dos artigos publicados pertencem à revista Interface Tecnológica e seguem o padrão Creative Commons (CC BY 4.0), que permite o remixe, adaptação e criação de obras derivadas do original, mesmo para fins comerciais. As novas obras devem conter menção ao(s) autor(es) nos créditos.
.jpg)
1.png)
1.png)
