Evertec Inc. (NYSE: EVTC) disclosed that it discovered potential unauthorized access to customer data on May 13, 2026. The financial technology company initiated cyber incident response protocols and notified federal law enforcement authorities following the discovery.

According to the company's statement, an unauthorized party obtained certain information through a third-party support platform. The compromised data includes transaction records from financial institution clients, payment card numbers, and customer names and contact information in some cases.

Evertec stated that the incident primarily affected financial institution clients in Puerto Rico and their customers. The company reported taking steps to contain the incident and secure its systems, noting that the unauthorized party no longer has access to the third-party support platform.

The company engaged external cybersecurity experts to assist with the investigation and response efforts. Evertec is communicating with affected financial institutions and providing support as it continues to assess the scope of impacted information.

No operational disruption or service interruption has occurred to date, according to the company. Evertec expects to incur expenses related to the investigation and remediation of the matter. While the company maintains cybersecurity insurance, it has not determined the extent of potential liabilities or the applicability of coverage.

The full scope of impacted data remains under forensic investigation and is subject to change as the assessment continues, the company stated.