In a shocking cybersecurity incident that highlights the growing threats to global financial systems, hackers recently targeted a prominent Brazilian fintech company in an audacious bid to siphon off $130 million. This attempted bank heist underscores the vulnerabilities in real-time payment platforms and the critical need for robust third-party access controls. If you’re in the fintech industry or concerned about cyber threats, here’s everything you need to know about this high-stakes breach.
On August 29, 2025, cybercriminals infiltrated Sinqia S.A., a São Paulo-based subsidiary of the leading financial technology provider Evertec, Inc. The attackers exploited the Brazilian Central Bank’s instant payment system, known as Pix, to initiate unauthorized business-to-business transactions. Pix, launched in November 2020, has become Brazil’s most popular payment method, operating 24/7 and handling massive volumes of real-time transfers—making it a prime target for sophisticated cyber attacks.
The breach involved attempts to steal approximately $130 million, affecting operations linked to two financial institutions that are customers of Sinqia. Local media reports have pointed fingers at HSBC as one of the involved banks, though the institution has firmly stated that no customer funds or personal data were compromised. Sinqia, which provides financial software and IT services to the banking sector, supports 24 financial institutions across Brazil, amplifying the potential ripple effects of this incident.
Outcomes and Ongoing Recovery Efforts
Following the detection, Sinqia engaged external cybersecurity forensics experts to investigate and mitigate the breach. A portion of the targeted $130 million has already been recovered, with efforts continuing to reclaim the rest. Importantly, there’s no evidence that the attack extended beyond the Pix system or involved the exposure of personal data, providing some relief amid the chaos.
In response, the Central Bank of Brazil temporarily revoked Sinqia’s access to the Pix platform. The company is actively collaborating with authorities, submitting necessary documentation and assurances to restore connectivity. Evertec, Sinqia’s parent company and a major player in transaction processing across Latin America, Puerto Rico, and the Caribbean, has filed disclosures with the U.S. Securities and Exchange Commission (SEC), noting that the financial and reputational impacts could be significant. This includes potential effects on internal controls, though full details are still emerging.
HSBC, responding to media speculation, reiterated that the incident had no bearing on its customers’ assets or information, emphasizing the isolated nature of the breach within Sinqia’s operations.
Broader Implications for Cybersecurity in Fintech
This attempted $130 million bank heist serves as a stark reminder of the escalating risks in the fintech sector, where real-time payment systems like Pix are both innovative and vulnerable. Brazil’s Pix has faced repeated threats from Android banking malware and other cyber exploits, reflecting a global trend of increasing attacks on financial infrastructure.
For businesses, the incident stresses the importance of multi-factor authentication, regular vendor audits, and advanced threat detection systems. As cyber threats evolve—with reports like the Picus Blue Report 2025 showing a doubling in password cracking attempts—fintech firms must prioritize proactive defenses to safeguard against similar breaches.
Evertec acquired Sinqia in 2023 to expand its footprint in Brazil’s booming financial market, but this event could lead to heightened scrutiny from regulators and investors. The full material impact, including any long-term damage to trust and operations, remains to be seen.
Leave A Comment