*By Cesar Gomes
We live in a time when the question has shifted from "if there will be a data breach" to "when will it occur." In July 2025, Brazil faced another alarming episode: the exposure of more than 46 million Pix keys, involving the information of 11 million people. The breach, confirmed by the Central Bank and the National Council of Justice, occurred through the Sisbajud system, a platform that cross-references data from financial institutions with the Judiciary. Although no statements or passwords were released, the exposed data, such as name, CPF, branch number, and account type, is already sufficient to facilitate fraud and social engineering scams.
The incident occurred just weeks after another global incident: a massive breach that exposed more than 16 billion credentials from social media and other platforms, as well as from government agency systems. What we observed is that a large portion of these passwords were previously unavailable in public databases, indicating that the information is recent and potentially useful for targeted attacks. Most of the exposed records, in fact, belonged to Portuguese-speaking users, with a significant impact on Brazil.
This is no coincidence. As data becomes the most strategic asset for businesses and governments, it also becomes the most valuable target for cybercriminals. The financial impact of these breaches is significant. According to an IBM study, Brazilian companies suffered, on average, losses of R$6.75 million per incident in 2024. In more sensitive sectors, such as healthcare and finance, losses exceeded R$10 million. In addition to the direct costs, there is also damage to reputation, consumer trust, and, in many cases, operational continuity.
In this scenario, it's urgent to rethink how data is structured, stored, and protected. This is where the open data lakehouse concept comes in, an evolution of data architectures that combines the flexibility of data lakes with the structure of data warehouses. More than a performance solution, it's a strategy that puts security and governance at the center. By enabling the unified storage of structured and unstructured data on a single platform, with centralized catalogs, granular access policies, and continuous monitoring, the lakehouse provides complete visibility into the data lifecycle. This is crucial not only for preventing breaches but also for responding quickly when incidents occur.
Contrary to popular belief, the term "open" doesn't mean vulnerable. On the contrary: openness lies in interoperability, the ability to integrate encryption tools, data masking, strong authentication, and artificial intelligence for real-time threat detection. Instead of isolating data in disconnected silos, the lakehouse allows it to be managed consistently, even in hybrid and multicloud environments. It's a concrete response to digital security challenges that today transcend infrastructure boundaries and are now being addressed at the strategic level of organizations.
Furthermore, as artificial intelligence becomes part of everyday business, powering virtual assistants, co-pilots, and autonomous decision-making models, data integrity becomes essential for success. There is no trustworthy AI without trustworthy data. And there is no trustworthy data without governance, traceability, and protection.
This moment demands that business and technology leaders unite around a new mindset: security can no longer be seen as a barrier to innovation. In fact, it is what ensures that innovation is sustainable. Protected data is the foundation of true digital transformation. Platforms are already being developed to help organizations deal with this new complexity with native security, hybrid scalability, and embedded intelligence to anticipate risks and protect what is most valuable to companies: their data.
Recent leaks only reinforce an inescapable truth: anyone who wants to compete in the digital world must, above all, ensure that their data is secure.
*Cesar Gomes is Vice President of Cloudera for Brazil.
Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies
EN 
PT 
