A recent cyber breach occurred on June 30, 2025, affecting C&M Software, a service provider for the Brazilian central bank, causing significant financial losses.
Incident Overview
C&M Software experienced a significant data breach when an employee allegedly sold access credentials, allowing hackers to infiltrate the company's systems. It is estimated that the theft resulted in losses of around $140 million, with $30-$40 million converted into cryptocurrency through OTC dealers in Latin America.
Law Enforcement Actions
In response to the incident, law enforcement agencies began freezing assets and issuing disconnection orders to firms utilizing the affected software. So far, approximately R$270 million (around $49.8 million) has been frozen. The Brazilian central bank confirmed the safety of its critical systems, while public comments from either C&M Software or the central bank remain limited.
Impact on Financial Infrastructure
This incident highlights the need for improved insider threat detection and cross-border cooperation to prevent similar occurrences in the future. Experts note that cyber attacks on financial institutions often involve insider access and rapid conversion of stolen funds into cryptocurrency.
The cyber attack on C&M Software underscores vulnerabilities within Brazil's financial infrastructure and the urgent need for enhanced protective measures. The situation calls for active responses from authorities and businesses to prevent similar incidents in the future.
