Banco do Nordeste (BNB) temporarily suspended transactions via Pix after identifying a hacker attack on its infrastructure. The measure was adopted preventively while technical teams analyze the extent of the cyber attack and work on the safe resumption of service.
In a relevant fact disclosed to the Securities and Exchange Commission (CVM), the bank reported that the incident was detected this Tuesday (27) and that it immediately activated its security protocols. According to the institution, there is, to date, no evidence of data leaks or losses to customer accounts.
The attack occurred on the pocket account of a third-party company. Pocket accounts are an instrument that brings together resources from several users in a single account, without individual identification of the holders.
“For a more detailed analysis of the causes of the event and its impacts, the Pix service is temporarily suspended,” informed the BNB, adding that it maintains constant communication with the Central Bank (BC) to monitor the case.
Outsourced company
According to preliminary information, the attack exploited a vulnerability in an information technology service provider that acts as an intermediary in the bank’s operations. The action would have involved resources moved from a so-called “pocket account” linked to the outsourced company. The amount eventually diverted is still being accounted for by the technical area.
Banco do Nordeste stated that it is focused on resuming Pix transactions “as soon as possible” and reinforced its commitment to information security and transparency, promising to update the market on new developments.
The Central Bank, responsible for monitoring the functioning of the Pix system, has not yet officially commented on the episode. According to data from the monetary authority, this is the first occurrence involving Banco do Nordeste since the creation of the system. At the end of 2025, BNB had just over 11 million customers.
vulnerable link
Since last year, attacks on third-party service providers have become more frequent in the financial system, as they represent a potentially more vulnerable link in the technological chain. This type of strategy allows criminals to bypass large banks’ robust layers of protection by exploiting flaws in integrated systems.
The episode occurs in a context of increased investments in cybersecurity by financial institutions, driven both by the digitalization of services and the growth of Pix as the country’s main payment method. Last year, the BC suspended several companies that served banks and tightened security rules for payment institutions.
There is still no official forecast for the complete normalization of the service at Banco do Nordeste. The resumption of operations will depend on the completion of technical analyzes and validation of the affected systems, in coordination with the Central Bank, to ensure that transactions occur without additional risks to customers and the financial system.
