🕒 Last updated on July 3, 2025

A major cyberattack has hit C&M Software, a technology company in Brazil that supports many small financial institutions. These institutions rely on C&M because they don’t have their own direct connection to Brazil’s central bank systems. On Wednesday, July 2, Brazil’s central bank announced that this attack affected reserve accounts used by several financial institutions.

After learning about the attack, the central bank took immediate action. It ordered C&M Software to stop providing access to the financial institutions connected through its systems. This step was taken to protect other systems and accounts from being affected by the attack.

C&M Software confirmed that it was the direct target of the cyberattack. According to the company, someone used fake client credentials to try to access their systems. That means someone pretended to be a legitimate client to get into secure systems. This is a serious security issue because even a small gap in protection can be exploited by cybercriminals.

C&M Software has said that its most important systems are still safe and fully working. The company also says it has turned on all of its security protocols to protect its network. They are now working with the central bank and the police in São Paulo, Brazil’s largest city, to find out who was behind the attack and how it happened.

Impact on Financial Institutions

One of the financial institutions affected by the cyberattack was BMP, which confirmed that they, along with five other financial firms, had someone get into their reserve accounts. These reserve accounts are special types of accounts that are used only for settling payments between banks. They are held directly at the central bank and do not involve everyday customer accounts or the money people keep in their savings or checking accounts.

This means no personal customer data or money was touched. The impact was limited to back-end systems that banks use to transfer funds among themselves. That’s still serious, but not as damaging as if personal bank accounts had been breached.

🛑 Sanctions Slam Aeza! U.S. and UK Team Up to Shut Down Russia’s Ransomware Powerhouse

BMP has said that it took all the necessary steps, both legally and operationally, to deal with the situation. The company also stated that it has enough financial coverage to handle the issue without any impact on its business or partners.

While the central bank did not share how much money was affected by the cyberattack, a person involved in the investigation revealed that the amount was not in the billions of reais (the Brazilian currency). Another person close to the case confirmed that no client lost any money as a result of this incident.

What Kind of Institutions Were Targeted?

The central bank used a term that might sound complicated: “financial institutions that do not have their own connectivity infrastructure.” In simple terms, these are smaller digital banks or payment companies that depend on third-party services—like those offered by C&M Software—to connect to the central bank’s systems.

These types of digital institutions are growing fast in Brazil, especially because of the Pix system. Pix is a real-time payment tool that was introduced by the central bank in 2020. It lets people transfer money quickly and easily using their phones or computers. Today, Pix is the most widely used payment system in Brazil. Many smaller financial companies use Pix to provide low-cost and fast services to customers.

Because these smaller institutions don’t have the same level of resources as big banks, they rely on external technology providers like C&M Software to help them connect to Pix and other financial networks. That’s what made this cyberattack so dangerous. If criminals can break into a tech provider’s system, they might be able to access many banks through just one entry point.

For now, the Brazilian central bank, C&M Software, and state police are continuing to investigate the cyberattack. Their goal is to understand exactly what happened and how to prevent something like this from happening again. The situation is under control, and all major systems are still running.

This incident serves as a strong reminder of how cybersecurity is crucial for protecting even the systems we don’t see like those used between banks.