Theft of $130M attempted on Brazilian fintech firm heist

Brazilian financial software and IT services provider Sinqia, a subsidiary of leading Latin American payment processing and technology firm Evertec, had $130 million attempted to be stolen from its systems following the compromise of the Brazilian Central Bank's real-time payment system Pix on August 29, BleepingComputer reports. Identification of unauthorized business-to-business transactions in Sinqia's Pix environment, facilitated by stolen IT vendor account credentials, has prompted immediate suspension of transaction processing and the launch of an investigation alongside third-party cyber forensics experts, reported Evertec in a filing with the U.S. Securities and Exchange Commission that also noted ongoing efforts to recover the remainder of the funds sought to be pilfered by threat actors. Evertec also emphasized that there has been no evidence suggesting the compromise of personal data or additional systems outside the Pix environment. "The financial and reputational impact of the incident, including any impact on the Company's internal controls, are not yet known and could be material," said Evertec.