The attack compromised the reserve account of at least five financial institutions; the Central Bank, Civil Police, and Federal Police are investigating.
A large-scale cyber attack hit the servers of C&M Software on Tuesday (1st), a company that connects financial institutions to the Pix infrastructure and the Brazilian Payment System (SPB). According to reports gathered by Valor Econômico, the hackers used C&M as a gateway to invade reserve accounts maintained at the Central Bank by at least five institutions. The estimated loss is R$ 400 million.
C&M acts as the official messenger between banks and the Pix settlement environment, essential for real-time communication between banking systems. The invasion prompted an immediate response: the company was disconnected from the Central Bank environment, while police and regulatory authorities began investigations into the incident.
In a statement, C&M stated that it is a direct victim of the attack and declared that the criminals may have used customer credentials improperly to try to access the company's systems. The company emphasized that its critical systems remain intact and operational.
"For legal guidance and in respect to the confidentiality of the investigations, C&M will not comment on the details of the process, but emphasizes that all of its critical systems remain intact and operational, and that the measures provided for in the security protocols have been fully executed," the company stated.
The Civil Police of São Paulo is already participating in the investigation, and it is expected that the Federal Police will also get involved due to the sensitivity of the affected system and the involvement of bank accounts under the responsibility of the Central Bank.
#BTCReclaims110K #HackerNews $BTC
