A major Brazilian fintech company, Sinqia S.A., has revealed that it was the target of a sophisticated cyberattack on August 29, in which hackers attempted to steal over $130 million from two of its client financial institutions. The audacious digital heist, which leveraged compromised IT vendor credentials, was quickly thwarted by Sinqia’s rapid response team, though a portion of the funds was successfully transferred before the attack was contained. The incident underscores the critical vulnerabilities within interconnected financial systems and the evolving threat landscape facing the global banking industry.
According to a public filing by Sinqia’s parent company, Evertec, the unauthorized activity was detected in Sinqia’s environment within the Brazilian Central Bank’s real-time payment system, known as Pix. The attackers used stolen credentials from an IT vendor to gain legitimate access, allowing them to initiate a series of fraudulent business-to-business transactions. The heist was aimed at a massive transfer of 710 million Brazilian reals, equivalent to approximately $130 million, from two of Sinqia’s customer banks.
Upon detecting the anomaly, Sinqia immediately enacted its incident response protocols, halting all transaction processing in the compromised environment. The company brought in third-party cybersecurity forensics experts and promptly notified federal and state law enforcement authorities in Brazil. While a portion of the funds was recovered, ongoing efforts are underway to reclaim the remaining amount.
As a direct consequence of the breach, the Central Bank of Brazil has temporarily suspended Sinqia’s access to the Pix system. The company is now working closely with the central bank to provide a comprehensive review of the incident and to implement additional security measures to restore its operational status. Evertec has stated that there is no evidence to suggest the compromise of personal data or any systems beyond the Pix environment.
The attack serves as a stark reminder of how cybercriminals are increasingly targeting the weakest links in the supply chain, often through third-party vendors with privileged access. This particular incident highlights the risks associated with instant payment systems, which, while highly efficient, offer a lucrative target for organized cybercriminal groups with the technical expertise to exploit them. It emphasizes the need for a collaborative and proactive security approach across the financial sector to protect against these sophisticated threats.
