Brazil’s central bank said on Wednesday that technology services provider C&M Software, which serves fina
ncial institutions lack connectivity infrastructure, had reported a cyberattack on its systems.
The bank did not provide further details of the attack, but said
in a statement that it ordered C&M to shut down financial institutions' access to the infrastructure it operates.
C&M Software commercial director Kamal Zogheib said the company was a direct victim of the cyberattack, w
hich involved the fraud use of client credentials in an attempt to access its systems and services.
C&M said critical systems remain intact and fully operational, adding that all security protocol measures had been i
implemented. The company is cooperating with the central bank and the Sao Paulo state police in the ongoing investigation, added Zogheib.
Brazilian financial institution BMP told Reuters that it and five other institutions experienced unauthorized acce
ss to their reserve accounts during the attack, which took place on Monday.
BMP said the affected areas are held directly at the central ban
k and used exclusively for interbank settlement, with no impact on client accounts or internal balances.
Watch More Image Part 2 >>>
BMP added it has taken all necessary operational and legal steps and holds sufficient collateral “to fully cover the imp
act amount, without any harm to its operations or business partners.”
An official familiar with the ongoing investigation, who spoke on condition of anonymity, said C&M provides services to
around two dozen small financial institutions, and the amounts involved in the attack do not reach into the billions of reais.
