Sofia Mandelert, Thamilla Talarico, Nuria López and Renato Gomes Malafaia of Daniel Law write: Following procedures contained in the LGPD (Brazils new data protection law), the international fellowship Enel, with operations in Brazil, has started contacting its customers in relation to a data breach affecting the data of at least 300 k clients in the city of Osasco. It is reported that the leak involved personal data, such as name, personal identity (CPF) and telephone numbers, and consumption data; such as address, meter-reading rates and even the payment history of its consumers, and affects an estimated 4% of the companys customer base. It is still unclear how the leak occurred. Source: Lexology. working backwards, it seems the incident was discovered in early November, 2020. Are notifications first being sent out now?