C&M

A cyberattack targeted C&M, a software company facilitating PIX transactions in Brazil, resulting in the diversion of over 540 million Brazilian reais (approximately $100 million) from the banking system. The breach involved unauthorized access to PIX systems, orchestrated by hackers who recruited an IT employee, João Roque, to sell his credentials. The attack occurred in a single night, affecting financial institutions but not end clients. Authorities have blocked 270 million reais linked to the scheme and are investigating additional suspects. The Central Bank suspended part of C&M's operations as a precautionary measure.

Source: https://www.livemint.com/companies/news/police-in-brazil-arrest-a-suspect-over-100m-banking-hack-11751656713591.html

TPRM report: https://scoringcyber.rankiteo.com/company/c&m-engineering-s-a-

"id": "c&m946080725",
"linkid": "c&m-engineering-s-a-",
"type": "Breach",
"date": "7/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': 'Financial Services',
                        'location': 'Brazil',
                        'name': 'C&M',
                        'type': 'Software Company'},
                       {'industry': 'Banking',
                        'location': 'Brazil',
                        'name': 'Financial Institutions using PIX',
                        'type': 'Financial Institutions'}],
 'attack_vector': 'Social Engineering, Unauthorized Access',
 'description': 'A cyberattack diverted over 540 million Brazilian reais '
                "(about $100 million) from Brazil's banking systems by "
                'targeting C&M, a software company that connects financial '
                'institutions to the Central Bank for PIX transactions. The '
                'breach involved unauthorized access to PIX systems, '
                'facilitated by an insider who sold credentials to hackers.',
 'impact': {'financial_loss': '540 million Brazilian reais (about $100 '
                              'million)',
            'operational_impact': 'Suspension of part of C&M’s operations',
            'payment_information_risk': 'High',
            'systems_affected': 'PIX payment system'},
 'initial_access_broker': {'entry_point': 'Social Engineering',
                           'high_value_targets': 'PIX payment system'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'root_causes': 'Unauthorized access to security '
                                           'credentials through social '
                                           'engineering'},
 'references': [{'source': 'Associated Press'}],
 'response': {'containment_measures': 'Suspension of part of C&M’s operations',
              'incident_response_plan_activated': 'Yes',
              'law_enforcement_notified': 'Yes'},
 'threat_actor': 'Unknown hackers, including João Roque (insider)',
 'title': "Cyberattack on Brazil's PIX Payment System",
 'type': 'Financial Fraud, Insider Threat',
 'vulnerability_exploited': 'Unauthorized access to security credentials'}

C&M

Tangoe US Inc.: Tangoe Data Breach Class Action Settlement

MetroWest Community Federal Credit Union, Lynch Carpenter and LLP: MetroWest Community Federal Credit Union Data Breach Claims Investigated by Lynch Carpenter

CGI Sverige: Sweden probes reported leak of e-government platform source code