backMultiplan, a company that manages several shopping centers in Brazil, confirmed a security incident involving its “Multi” mobile application, resulting from a cyberattack that occurred on January 10, 2026. According to an official statement, certain users’ registration data may have been accessed, including information such as credit card expiration dates and the last four digits of card numbers. The company stated that more sensitive data, such as full credit card numbers, were not accessed.
Multiplan reported that it has notified the Brazilian Data Protection Authority (Agência Nacional de Proteção de Dados) and taken appropriate measures, including informing potentially affected users and providing guidance on identifying suspicious communications. In its statement, the company reaffirmed its commitment to information security best practices, transparency, and the protection of personal data, apologized for the incident, and confirmed that the application remains secure and operational.
share
