BTG Pactual detected atypical Pix activities on the morning of Sunday, March 22, 2026, leading to a temporary suspension after hackers diverted about R$ 100 million. The bank states no client accounts were accessed or data exposed. Most of the amount has already been recovered.
BTG Pactual faced a hacker attack on the morning of Sunday, March 22, 2026, involving atypical Pix transactions that diverted about R$ 100 million. As a precaution, the bank temporarily suspended Pix operations while investigating. The initial alert came from the Central Bank, whose systems were unaffected and Pix continued operating normally elsewhere, per the BC. In an official statement, BTG Pactual said: “O BTG Pactual informa que identificou na manhã deste domingo (22/03) atividades atípicas relacionadas ao PIX. O banco esclarece que não houve acesso a contas de clientes e nenhum dado de correntista foi exposto. Enquanto investiga o caso, por medida de precaução, as operações por PIX estão suspensas. O BTG Pactual reforça, ainda, que a segurança das informações é prioridade e está disponível em caso de dúvidas em seus canais de atendimento.” Reports indicate most of the diverted funds have been recovered, with 30% to 40% of the total — about R$ 20 million to R$ 40 million — still in restitution process. This is not BTG's first security incident: in 2024, the Central Bank identified a leak of over 8,000 Pix keys, exposing customer data like names, branches, account numbers, and CPFs. Brazil's financial sector has seen other recent attacks, such as one on C&M Software diverting over R$ 813 million.
