A cyberattack targeting C&M Software, a technology provider that connects financial institutions to Brazil's Central Bank and the Pix instant payment system, resulted in the theft of at least R$ 541 million (approximately USD 100 million) from reserve accounts of multiple banks, including BMP, Bradesco, and Credsystem. The breach occurred on June 30, 2025, and involved 166 unauthorized Pix transactions that funneled stolen funds into 29 companies, some newly created, with the proceeds then laundered through cryptocurrencies like Bitcoin. The attack affected at least six to eight financial institutions, causing temporary disruption of Pix services for thousands of customers, though no individual client accounts were compromised. The Central Bank suspended three financial institutions from Pix operations due to suspected involvement. Brazilian Federal Police and São Paulo Civil Police have launched investigations, leading to the arrest of a suspect who worked for a third-party IT company contracted by C&M Software. The suspect allegedly received R$ 15,000 to provide system access to hackers and admitted facilitating the breach. Authorities have recovered a portion of the stolen funds, including R$ 18 million repatriated by BMP bank. The estimated total financial damage from the attack ranges between R$ 800 million and R$ 1 billion, with some reports suggesting potential losses up to R$ 3 billion. The incident is considered one of the largest cyberattacks in Brazil's financial history and has prompted heightened scrutiny of security in the country's banking infrastructure.
More than R$ 500 million. That was the amount diverted from the so-called reserve accounts of BMP bank in just two and a half hours during the early hours of last Wednesday. Hackers broke into the systems of companies responsible for intermediating transfers between banks and carried out the https://t.co/MMSXr3uGH7
Brazilian police arrest suspect in $100M central bank hack. Attackers allegedly exploited the PIX payment system using insider credentials to siphon funds from state-owned banks. https://t.co/pYtaOx81E2
NEW: Hackers allegedly stole $100M from 🇧🇷 Brazil’s Central Bank via the PIX payment system, using security credentials bought from a supposed insider, per AP. https://t.co/BAcHDilvPw