Hackers targeted Evertec’s Brazilian subsidiary, Sinqia S.A., attempting to steal $130 million. The breach occurred on August 29,granting them unauthorized access to the central bank’s real-time payment system,Pix.
Evertec, a major financial technology processor, experienced a security incident at its Brazilian unit, Sinqia, impacting brazil’s popular Pix payment system.
- Hackers attempted to steal $130 million from Sinqia, a Brazilian subsidiary of Evertec.
- Access to Sinqia’s pix surroundings was gained through stolen credentials of an IT vendor.
- A portion of the funds has been recovered, with ongoing restoration efforts.
Did hackers try to steal $130 million from a Brazilian fintech? Yes, hackers attempted to steal $130 million from Sinqia S.A., an Evertec subsidiary, by breaching its access to Brazil’s Pix payment system.
Evertec, a public financial technology giant, processes transactions across Latin america, Puerto Rico, and the Caribbean. Sinqia, acquired by Evertec in 2023, is based in São Paulo and specializes in financial software and IT services for the banking sector.
The incident, disclosed in a filing to the U.S. Securities and Exchange Commission (SEC), details that hackers gained unauthorized access to Sinqia’s environment within the Pix system on August 29, 2025.
“On August 29, 2025, Sinqia S.A., a Brazilian subsidiary of EVERTEC, Inc.,identified unauthorized activity in its environment of the Brazilian Central Bank real-time payment system known as Pix,” the SEC filing states. Following detection, Sinqia stopped processing transactions and engaged cybersecurity experts.
Pix, launched by the Central Bank of Brazil in November 2020, is Brazil’s instant payment system. It enables 24/7 fund transfers and has become the country’s most widely used payment method, frequently targeted by Android banking malware.
The hackers targeted business-to-business transactions involving two of Sinqia’s financial institution customers.Local media outlets have pointed to HSBC bank, tho a spokesperson confirmed no customer funds or data were affected.
Evertec has confirmed that a portion of the $130 million has been recovered, with ongoing efforts to reclaim more. The investigation revealed that attackers exploited stolen credentials belonging to an IT vendor to access Sinqia’s Pix environment.
The company currently has no indication that the breach extends beyond Sinqia’s Pix environment, nor is there evidence of personal data exposure. Sinqia’s access to Pix has been suspended by the Central Bank of Brazil, but the company is working to restore it by providing necessary data and assurances.
Sinqia’s Pix operations support 24 financial institutions in Brazil. Evertec acknowledged that the financial and reputational impact, including any effects on internal controls, is currently unknown and could be critically important.
46% of environments had passwords cracked, nearly doubling from 25% last year.
Get the Picus Blue Report 2025 now for a thorough look at more findings on prevention, detection, and data exfiltration trends.
