As soon as the Credit Bureau learned of the sale of the database, it hired a company specialized in cybersecurity to evaluate its computer systems.
“The company concluded that the current systems have not been violated. However, it cannot be ruled out that the violation could have been carried out from 2016 until before the system currently used,” the CNBV detailed in a statement.
The CNBV reported that it made an inspection visit on January 26 to evaluate the system such as physical and logistical security, security in the communications that the Bureau has with financial institutions and users.
“The CNBV will follow up on the implementation of the actions that could result from the investigative visit, and will execute the corrective actions and acts of authority that, according to the powers, could result,” he explained.