Banco Rendimento Cyberattack: Client Channels Breached at Brazil FX and Credit Lender

The Banco Rendimento cyberattack is the latest in a sector-wide pattern that the Central Bank has sought to close with stricter penetration-testing requirements following a costly 2025.

The Rio Times, the Latin American financial news outlet, reports that the Banco Rendimento cyberattack was identified by the bank’s information-security team on the morning of Tuesday, April 21, and officially disclosed on Wednesday, April 22 in a formal note to the market. The institution — a São Paulo-based lender specialized in foreign exchange, corporate credit, and payment infrastructure — described the event as a contained security incident that affected “some client-access channels” and “some accounts.” Operations were restored by Wednesday and the case was reported to Brazilian authorities.

Banco Rendimento declined to disclose the number of clients affected or any financial impact of the intrusion. In its public statement, the institution said the information-security and technology teams “acted immediately to isolate the threat” and that protective measures had been reinforced to prevent future occurrences. The bank also reiterated its “continuous commitment” to cybersecurity best practices and data protection.

What the Banco Rendimento cyberattack means for Brazilian banking

Banco Rendimento is not a retail giant, but its balance sheet is large enough that the incident matters for sector supervision. The institution closed 2025 with R$4.6 billion in total assets, a R$2.4 billion expanded credit portfolio, R$106 million in net income, and a return on equity of 19.7% — metrics that place it among the mid-sized specialized private banks that have driven much of Brazil’s foreign-exchange and cross-border payments innovation since the mid-2010s. Founded in 1992, the institution serves primarily corporate and high-net-worth clients.

The bigger context is the sector-wide cyber risk. Central Bank Executive Secretary Rogerio Lucca told the Senate in late 2025 that Brazil’s national financial system had suffered at least eight cyber incidents during the year, with total losses of approximately R$1.5 billion. Most of the 2025 incidents were concentrated in July and August and targeted payment-infrastructure providers — known in Brazilian regulation as PSTI — rather than retail banks directly.

In response, the Central Bank tightened cybersecurity rules in late 2025, introducing mandatory annual independent penetration-testing requirements for financial institutions and fintechs. The new regulation requires banks to simulate offensive cyber attacks against their own systems on a yearly basis and to document the results for supervisory review, with Brazilian institutions that fail to meet the standard exposed to Central Bank sanctions.

Why cyber risk and banking scandals are compounding

The Banco Rendimento cyberattack sits inside a broader moment of strain for Brazilian banking reputation. The Central Bank’s November 2025 liquidation of Banco Master, followed by the ongoing Compliance Zero prosecution implicating BRB’s former president in a R$146.5 million bribery scheme, has raised questions about the combined credit-and-operational risk posture of mid-sized private institutions. The cyber incidents of 2025 compounded those concerns by highlighting that operational vulnerabilities can travel through integrated payment infrastructure.

The regulatory response has shifted toward structural mitigation. In addition to the 2025 penetration-testing rules, the Central Bank has expanded disclosure requirements for cyber incidents, shortened reporting windows, and strengthened the authority of the Brazilian financial system’s cybersecurity coordinator. International investors tracking Brazilian bank credit spreads and share prices have consequently focused more closely on operational-risk disclosures in recent quarters.

For clients of the affected institution, the standard post-incident checklist applies: change online-banking passwords once access is restored, monitor account statements for unusual activity, and beware of phishing attempts that exploit public news of the incident. Banco Rendimento has stated that it will not request client credentials by telephone or email under any circumstances. The broader Brazilian banking context in 2026 is covered in The Rio Times’s Investing in Brazil 2026 guide.

What the next steps look like

Brazilian authorities have begun routine post-incident review procedures. The Banco Rendimento cyberattack report, filed with the Central Bank and Brazil’s National Data Protection Authority, will be examined for evidence of systemic vulnerabilities in the affected payment rails, and the results will feed into the 2026 cybersecurity review cycle. If the intrusion traced back to a third-party payment provider, the case could become a reference point for the next round of PSTI rulemaking.

The Banco Rendimento cyberattack is the first publicly disclosed Brazilian bank cyber incident of 2026, and it arrives five months after the tighter regulatory regime entered force. How quickly regulators trace and remediate the vulnerability — and whether additional institutions report similar incidents in coming weeks — will determine whether 2026 replicates the 2025 pattern of concentrated summer incidents or follows a more benign path. Brazilian banking shares have not shown a broad cyber-risk repricing in response to the Rendimento disclosure, but institutional investors are watching the Central Bank’s supervisory communication closely.

Related coverage: Brazil Economic Outlook 2026: Definitive Guide • Investing in Brazil 2026: A Guide for International Capital