What is Sinqia S.A. and what role does it play in Brazil's payment system?

Sinqia is a São Paulo-based financial software and IT services company that provides the infrastructure enabling 24 banks and financial institutions to process instant payments through Pix, Brazil's most widely used payment method with 169 million registered users.

Which financial institutions were targeted in the Sinqia cyberattack?

The incident specifically targeted HSBC and fintech firm Artta. The hackers tried to steal R$380 million from HSBC and approximately R$40 million from Artta. However, Evertec's official reports of R$710 million in unauthorized transactions indicate that other financial institutions were also targeted.

What was the total amount of money involved in the attempted theft?

The cyberattack resulted in attempted theft of Brazilian Real (R$)710 million, which is approximately $130-140 million USD. This represents one of the largest attempted financial cybercrimes in Brazilian history.

How much of the stolen money was recovered from the Sinqia attack?

The Brazilian Central Bank managed to freeze R$350 million of the attempted theft, representing approximately half of the total R$710 million targeted. Additional recovery efforts are ongoing to recover more of the fraudulent transactions.

What is Brazil's Pix payment system and why is it significant?

Pix is Brazil's real-time payment system and the country's most widely used payment method with 169 million registered users. It enables instant payments between individuals and businesses 24/7, making it critical infrastructure for Brazil's financial system and economy.

What are the implications of this attack for Brazil's financial system?

This attack represents a significant threat to Brazil's financial infrastructure, affecting a system used by 169 million people and 24 major financial institutions. The Brazilian Central Bank's decision to disconnect Sinqia from the national payments infrastructure demonstrates the serious impact on payment processing capabilities and the need for enhanced cybersecurity measures to protect critical financial infrastructure.

Incident

Massive $130 million attempted theft targets brazilian Fintech through stolen vendor credentials

Q: How did attackers gain access to the Pix payment system?

The attack was executed using compromised credentials belonging to legitimate IT vendors of Sinqia. These stolen credentials were used to inject unauthorized business-to-business financial transactions into the Pix environment, allowing attackers to attempt massive fraudulent transfers.

Q: What immediate actions did Sinqia take after detecting the cyberattack?

After detecting the unauthorized activity, Sinqia halted all transaction processing in its Pix environment and engaged outside cybersecurity forensics experts to investigate the incident and implement remediation measures.

published: Sept. 3, 2025

Learn More

Evertec's Brazilian subsidiary Sinqia S.A., a financial technology provider in Brazil's payment infrastructure, was hit by a cyberattack on August 29, 2025, that resulted in attempted theft of Brazilian Real (R)$710 million (approximately $130-140 million USD) through Brazil's real-time payment system Pix.

Sinqia, a São Paulo-based financial software and IT services company provides the infrastructure that enables 24 banks and financial institutions to process instant payments through Pix, Brazil's most widely used payment method with 169 million registered users.

The attack was executed with compromised credentials belonging to legitimate IT vendors of Sinqia. The credentials were used to inject unauthorized business-to-business financial transactions into the Pix environment.

The incident targeted HSBC and fintech firm Artta. The hackers tried to steal R$380 million from HSBC and approximately R$40 million from Artta. Evertec's official reports of R$710 million in unauthorized transactions, indicates that other financial institutions were also targeted.

After detecting the unauthorized activity Sinqia halted all transaction processing in its Pix environment and engaged outside cybersecurity forensics experts. The Brazilian Central Bank (BCB) disconnected Sinqia from the national payments infrastructure and blocked the company's access to the Brazilian Payments System (SPB) and Pix until full remediation and regulatory approval.

The Brazilian Central Bank managing to freeze R$350 million of the attempted theft. Additional recovery efforts are ongoing.

Massive $130 million attempted theft targets brazilian Fintech through stolen vendor credentials

Read More
Bank of America reports data breach of the …
SatoshiLabs Trezor Twitter account hacked due to phishing
Flexible HR Holdings reports data breach
Nigerian fintech Flutterwave loses 11 billion Nigerian Naira …
United Home Loans reports data breach