Evertec Reports Unauthorized Activity in Pix System According to Sinqia SEC Filing
PorAinvest
martes, 2 de septiembre de 2025, 8:30 am ET1 min de lectura
EVTC--
On August 29, 2025, Evertec disclosed that its Pix transaction environment in Brazil processed approximately R$710 million in unauthorized Business-to-Business (B2B) transactions. The company stated that a portion of the amount has been recovered, and additional recovery efforts are ongoing. Preliminary forensic analysis indicates that the transactions were introduced using legitimate credentials of Sinqia IT vendors, which have since been terminated. The issue appears to be limited to Sinqia's Pix environment, with no unauthorized activity identified in other Sinqia systems and no indication of personal data compromise [1].
Evertec cautions that the financial and reputational impact, potential liability, insurance applicability, and effect on internal controls are not yet determined and could be material. The company has provided analyses to the Central Bank of Brazil (BCB) and the two impacted customers. The incident raises significant concerns about vendor governance and real-time monitoring of Pix transactions [1].
The unauthorized transactions, totaling approximately R$710 million, pose a substantial risk to Evertec's financial health and reputation. While the company has taken containment actions, such as terminating compromised vendor credentials, the full extent of the impact remains uncertain. The financial and reputational effects, potential liability, insurance coverage, and operational disruption risk are all areas of concern. The company's Pix environment serves 24 financial-institution customers, and any disruption to service could affect revenue recognition, customer retention, and potential claims [1].
Until Evertec discloses the amounts recovered, any liabilities, or impacts to internal controls, the financial effect remains indeterminate. The incident serves as a reminder of the critical importance of robust cybersecurity measures and the potential consequences of vendor credential compromise. Investors and financial professionals should closely monitor the situation and assess the potential long-term implications for Evertec's operations and financial performance.
References:
[1] https://www.stocktitan.net/sec-filings/EVTC/8-k-evertec-inc-reports-material-event-2e13e8f89cb8.html
Evertec Inc. reported unauthorized activity in its Pix System in a SEC filing. The company is a transaction processing company offering merchant acquiring, payment processing, and business process management services. Evertec operates through three segments: Merchant Acquiring, Payment Processing, and Business Solutions. Its ATH network is a PIN debit network in Latin America, serving financial institutions, merchants, corporations, and government agencies.
Evertec Inc., a prominent transaction processing company, has reported unauthorized activity in its Pix System in a recent SEC filing. The company, which offers merchant acquiring, payment processing, and business process management services, operates through three primary segments: Merchant Acquiring, Payment Processing, and Business Solutions. Its ATH network is a PIN debit network in Latin America, serving financial institutions, merchants, corporations, and government agencies.On August 29, 2025, Evertec disclosed that its Pix transaction environment in Brazil processed approximately R$710 million in unauthorized Business-to-Business (B2B) transactions. The company stated that a portion of the amount has been recovered, and additional recovery efforts are ongoing. Preliminary forensic analysis indicates that the transactions were introduced using legitimate credentials of Sinqia IT vendors, which have since been terminated. The issue appears to be limited to Sinqia's Pix environment, with no unauthorized activity identified in other Sinqia systems and no indication of personal data compromise [1].
Evertec cautions that the financial and reputational impact, potential liability, insurance applicability, and effect on internal controls are not yet determined and could be material. The company has provided analyses to the Central Bank of Brazil (BCB) and the two impacted customers. The incident raises significant concerns about vendor governance and real-time monitoring of Pix transactions [1].
The unauthorized transactions, totaling approximately R$710 million, pose a substantial risk to Evertec's financial health and reputation. While the company has taken containment actions, such as terminating compromised vendor credentials, the full extent of the impact remains uncertain. The financial and reputational effects, potential liability, insurance coverage, and operational disruption risk are all areas of concern. The company's Pix environment serves 24 financial-institution customers, and any disruption to service could affect revenue recognition, customer retention, and potential claims [1].
Until Evertec discloses the amounts recovered, any liabilities, or impacts to internal controls, the financial effect remains indeterminate. The incident serves as a reminder of the critical importance of robust cybersecurity measures and the potential consequences of vendor credential compromise. Investors and financial professionals should closely monitor the situation and assess the potential long-term implications for Evertec's operations and financial performance.
References:
[1] https://www.stocktitan.net/sec-filings/EVTC/8-k-evertec-inc-reports-material-event-2e13e8f89cb8.html
Divulgación editorial y transparencia de la IA: Ainvest News utiliza tecnología avanzada de Modelos de Lenguaje Largo (LLM) para sintetizar y analizar datos de mercado en tiempo real. Para garantizar los más altos estándares de integridad, cada artículo se somete a un riguroso proceso de verificación con participación humana.
Mientras la IA asiste en el procesamiento de datos y la redacción inicial, un miembro editorial profesional de Ainvest revisa, verifica y aprueba de forma independiente todo el contenido para garantizar su precisión y cumplimiento con los estándares editoriales de Ainvest Fintech Inc. Esta supervisión humana está diseñada para mitigar las alucinaciones de la IA y garantizar el contexto financiero.
Advertencia sobre inversiones: Este contenido se proporciona únicamente con fines informativos y no constituye asesoramiento profesional de inversión, legal o financiero. Los mercados conllevan riesgos inherentes. Se recomienda a los usuarios que realicen una investigación independiente o consulten a un asesor financiero certificado antes de tomar cualquier decisión. Ainvest Fintech Inc. se exime de toda responsabilidad por las acciones tomadas con base en esta información. ¿Encontró un error? Reportar un problema
Comentarios
Aún no hay comentarios