#alert Theft of R$ 1 billion? What is known about the hacker attack on the service provider of financial institutions.
C&M, a service provider that serves various financial institutions, confirmed on Tuesday, 2, that hackers managed to steal amounts from the company's accounts. According to Brazil Journal, the theft that occurred on Tuesday afternoon, 1st, could have been up to R$ 1 billion.
In a statement, C&M says it is “actively collaborating with the competent authorities, including the Central Bank and the Civil Police of SP, in ongoing investigations” (see the full statement below).
Contacted by IstoÉ Dinheiro, the Central Bank confirmed the break with the service provider.
“A C&M Software, a service provider of technology for institutions that provide transactional accounts without their own means of connection, reported an attack on its technological infrastructure. The Central Bank ordered C&M to disconnect the institutions' access to the infrastructures it operates,” says the authority.
The BC also emphasized that the systems managed by the institution were not affected.
What happened?
C&M's systems were breached and several accounts were accessed, including an account from BMP, a Banking as a Service (BaaS) operator.
The case gained even more notoriety given that C&M provided services to the Central Bank (BC). However, the service provider has already been disconnected from the system, and the agency's technicians are evaluating the situation.
To Brazil Journal, knowledgeable sources stated that BMP's clients will not suffer losses because the operator has a collateral deposit that provides liquidity in light of the R$ 1 billion theft.
Who was affected?
C&M served various clients.
Until now, three institutions have confirmed that they were impacted by the hacker attack: Credsystem, Paulista Bank, and BMP. Credsystem suffered direct impacts and its clients lost access to the Pix system.
This occurs because the affected companies lost access to the instant payment system as soon as the BC removed C&M from its systems.
Paulista Bank also had incidents with Pix due to a temporary interruption, but the failure did not result in improper transactions.
BMP reported that the attack exclusively involved resources deposited in its reserve account at the Central Bank and that it has already adopted all appropriate operational and legal measures.
-XP reported that it was not affected.
What is C&M and what does it do, the target of the billion-dollar theft by hacker attack?
Founded in the 1990s, C&M Software is a company specialized in systems that connect banks and fintechs to the Brazilian Payment System (SPB), including the settlement environment of Pix.
-Among the company's clients are:
•XP
•Rico (subsidiary of XP)
•Carrefour Bank
•Minerva Foods
•BMP
••Paulista Bank
•Credsystem
-What was the amount?
The exact amount diverted by the criminals has not yet been confirmed. Information from Brazil Journal, which reported the case first based on investigations with knowledgeable sources, suggests it could be R$ 1 billion.
Investigation by Valor Econômico indicates that at least R$ 400 million was diverted.
If the amount of R$ 1 billion is confirmed, this hacker attack would have been the largest theft in Brazilian history, surpassing emblematic cases such as the heist at the Central Bank that occurred in Fortaleza (CE) in mid-2005, when R$ 164 million in cash was taken from the institution's vaults.
-Check the full statement from C&M
The company is a direct victim of the criminal action, which included the improper use of customer credentials to fraudulently attempt to access its systems and services. Following legal guidance and in respect of the confidentiality of the investigations, CMSW will not comment on the details of the process, but emphasizes that all of its critical systems remain intact and operational, and that the measures outlined in the security protocols have been fully executed.
#TrumpVsMusk #alerta #StrategyBTCPurchase #NODEBinanceTGE $BTC $USDC $SOL