Three Cyber Incidents in Mexico’s Financial System in 2025: Minimal Impact on Users and Institutions

Web Editor

December 14, 2025

a person typing on a laptop keyboard with a hand on the keyboard and a hand on the keyboard of the l

Background on the Mexican Financial System and Relevant Authorities

The Mexican financial system, overseen by the Bank of Mexico (Banxico), experienced three cyber incidents in 2025. These events affected automated teller machines (ATMs) across various banks and a popular financial society (sofipo). Despite these incidents, the impact on both users and institutions was minimal.

The Incidents

  1. April Incident: A cyber vulnerability affected the ATMs of a single bank. Although there was no economic impact on customers, the bank suffered a loss of 2.73 million pesos.
  2. June Incident: Another cyber vulnerability affected the ATMs of a different bank. Similar to the previous incident, customers were not economically affected, but the financial institution lost 30.5 million pesos.
  3. August Incident: A cyber vulnerability targeted the application of a third-party service provider for a sofipo. This incident affected electronic transfer services provided to a limited number of clients, with no economic impact on users. The extent of the loss to the institution remains unknown.

Response and Communication by Banxico

Through the Group of Response to Sensitive Information Security Incidents (GRI), Banxico issued four technical intelligence bulletins on cybersecurity to its regulated entities. These communications aimed to inform and guide the financial institutions in addressing cyber threats.

Key Questions and Answers

  • What were the three cyber incidents in Mexico’s financial system in 2025?

    The incidents affected ATMs across various banks and a popular financial society (sofipo). The first incident occurred in April, targeting a bank’s ATMs. The second took place in June, affecting another bank’s ATMs. Lastly, an August incident targeted a third-party service provider for a sofipo, impacting electronic transfer services.

  • What was the economic impact of these incidents on users and institutions?

    Despite the cyber incidents, there was minimal economic impact on users. The affected banks suffered financial losses: 2.73 million pesos in April and 30.5 million pesos in June. The August incident’s impact on the sofipo remains unknown.

  • How did the Bank of Mexico (Banxico) respond to these incidents?

    Through the Group of Response to Sensitive Information Security Incidents (GRI), Banxico issued four technical intelligence bulletins on cybersecurity to guide financial institutions in addressing cyber threats.

Truth. Clarity. Context.

We go beyond the headlines to bring you stories that matter, perspectives that challenge, and facts you can trust.

theaztecjournal.com

Lago neuchatel 45

© 2025 THE AZTEC JOURNAL

PRIVACY POLICY terms of service