Portuguese 
English 
Spanish 
4 min of reading 
0 comments 
Two Attacks In Less Than Two Days Expose Vulnerability Of The Brazilian Banking System And Accelerate Security Measures Package From The BC
In less than 48 hours, the Central Bank of Brazil (BC) issued a security alert. The announcement on September 7, 2025 (Sunday) confirmed that hackers attacked Banco Triângulo S.A. (Tribanco) and diverted funds.
This incident occurred shortly after the first warning. After all, on September 6, 2025 (Saturday), the BC had already reported a hacker attack against E2 Pay, an unauthorized company.
Attack Against Tribanco Exposes Growing Risk
The Central Bank declared that criminals diverted resources from Tribanco. The bank belongs to the Martins wholesale group, which offers credit and financial solutions for retail.
-
Trump threatens Brazil with a 25% tariff and uses illegal deforestation as an argument to pressure exports; US report accuses environmental failures, while recent decline in the Amazon exposes a dispute that could impact Brazilian trade and politics.
-
Havan, the retailer from Santa Catarina owned by Luciano Hang, will offer a contract of R$ 40,000 to whoever produces the best video in tribute to the company’s 40th anniversary, in a national influencer contest open to anyone with a profile on Instagram or TikTok.
-
After criticizing millions who receive Bolsa Família, Luciano Hang is considering opening stores in Paraguay while predicting a ‘collapse’ in Brazil with the end of the 6×1 work schedule and the conviction that ‘only a disaster’ would save the country; the owner of Havan talks about an explosion in inflation, a cost increase of up to 20%, and risks for thousands of Brazilian companies.
-
Giant Serie A club of the Brasileirão undergoes mass layoffs, putting up to 90 people out on the street and promoting a “silent reorganization” after the arrival of the SAF, affecting strategic sectors and causing a strong atmosphere of tension behind the scenes of Brazilian football.
Although the impact has generated concern, Tribanco stated that there was no leakage of registration data. In addition, the institution explained that it strengthened internal cybersecurity protocols and enhanced real-time monitoring.
The bank emphasized that it blocked a significant portion of the improper transfers by Pix with other institutions. Thus, it reduced some of the damage.
First Alert Involved E2 Pay
However, the Tribanco incident was not the first. After all, the day before, September 6, the Central Bank notified of an attack against E2 Pay.
The lawyer Guilherme Carneiro, representative of the company, told the newspaper Folha de S.Paulo that the diverted amount is still under investigation. The company emphasized that no customer accounts were compromised.
Nonetheless, market participants claim that criminals spread the amounts across about 400 bank accounts, possibly used by straw men. This method complicated tracking.
Context Of Operation Hidden Carbon
These attacks increased just after the Operation Hidden Carbon, launched on September 5, 2025. The Public Prosecutor’s Office of São Paulo and the Federal Revenue coordinated the action.
The investigations revealed that the PCC (First Command of the Capital) expanded its business in fuel companies and financial institutions. Furthermore, the operation targeted companies in Faria Lima, the financial hub of the country.
In this regard, the Central Bank emphasized that it is acting in cooperation with law enforcement and the Public Prosecutor’s Office to strengthen the national financial system.
Emergency Measures Announced By The Central Bank
The Central Bank, aware of the seriousness of the risks, announced on September 5, 2025 an emergency cybersecurity package. Among the main measures are:
- Limit transfers via Pix and TED to R$ 15 thousand at unauthorized payment institutions;
- Require multiple layers of authentication in all payment systems;
- Impose stricter rules for the accreditation of information technology service providers (PSTI);
- Restrict operations without prior authorization from the Central Bank;
- Determine immediate blocking of suspicious amounts at cryptocurrency exchanges.
With this, the agency aims to close gaps exploited by cybercriminals and ensure the security of the National Financial System Network (RSFN).
Recent History Of Attacks Against The Financial System
In addition to the weekend incidents, other attacks marked the year of 2025:
- In August, criminals diverted R$ 710 million from Sinqia. However, more than 80% of the amount returned to the system.
- On June 30, hackers attacked C&M Software and caused billion-dollar losses. Therefore, experts classified the case as one of the most severe of the year.
- The Gaucho fintech Monbank also suffered an attack, although the losses have not yet been fully detailed.
These episodes show that large financial companies face constant risks, which pressures for stricter technological solutions.
Reactions From The Sector And Next Steps
After the alerts, the Central Bank advised institutions to strengthen real-time monitoring of all financial transactions. In addition, it determined that banks immediately block suspicious operations in the SPI (Instant Payment System).
The agency emphasized that cooperation between banks, fintechs, and law enforcement is essential. Therefore, experts assess that recent attacks would undermine customer trust without swift and effective measures.
The Pix, although one of the greatest advances of the Brazilian financial system, has become a frequent target of cybercriminals. Thus, pressure is increasing for additional layers of protection.
What To Expect Going Forward?
Analysts state that Brazil is at a decisive moment. The country needs to balance technological innovation and protection against cybercrimes. While digitalization brings efficiency, it also requires constant regulation and security.
The Central Bank assures that it will continue implementing digital protection measures. Furthermore, it states that it will enhance cooperation with investigation agencies to combat the increasing attacks.
However, the question remains: will the Brazilian financial system be able to shield itself definitively against increasingly sophisticated digital attacks?
Be the first to react!