Brazil Central Bank Responds to $140M Heist That Breached Key Technology Supplier

Last Updated:
Brazil Central Bank Acts After $140M Crypto-Fueled Heist
  • Hackers breached six reserve accounts via C&M Software, extracting about $140M on June 30, 2025.
  • Over $30M was laundered into crypto using OTC brokers and PIX-linked platforms.
  • An insider sold credentials for R$ 15K, enabling real-time control via Notion.

Hackers stole approximately $140 million (R$ 800 million) by breaching reserve accounts of six Brazilian financial institutions through infrastructure provided by C&M Software, a technology supplier connected to the country’s Central Bank. The breach took place on June 30, 2025.

At least $30–40 million of the stolen funds were converted into cryptocurrencies, including Bitcoin, Ethereum, and Tether. The conversion was carried out via Latin American over-the-counter (OTC) brokers and crypto exchanges. Investigators suspect laundering routes tied to Brazil’s PIX payment infrastructure.

Brazilian law enforcement confirmed that the breach stemmed from internal compromise. A C&M Software employee, identified as João Nazareno Roque, admitted selling his corporate credentials to one of the attackers for R$ 5,000. The initial contact occurred in March, when the suspect showed detailed knowledge of Roque’s job. Later, Roque received an additional R$ 10,000 to execute commands inside the system. Instructions were delivered via the Notion platform, and payments were made in physical currency through a courier.

C&M Software Resumes Operations as Crypto Asset Recovery Efforts Continue

The Central Bank reacted by ordering C&M Software to suspend access temporarily. By July 3, the company resumed limited operations under supervision. The impacted reserve accounts belong to institutions that used C&M Software to interface with the Central Bank’s systems. The Central Bank’s internal infrastructure was not directly compromised.

Related  Europe’s Central Bank Just Flipped – XRP Holders MUST Pay Attention

Law enforcement continues to trace the stolen funds. Several exchanges have received alerts requesting the freezing of crypto assets tied to the case. Some addresses remain under review, and asset recovery is ongoing.

Despite the breach’s scale, international media coverage has remained limited. In Brazil, the incident has triggered broader discussions on fintech cybersecurity, third-party provider risks, and regulatory oversight. C&M Software confirmed its cooperation with police. The case remains under active investigation.

Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.


CoinStats ad