Portugal Archives - ICSSTRIVE

Cyberattack Suspends Clinical Activity in Madeira Health Service

August 6, 2023

Cyberattack forces suspension of clinical activity in the Madeira Health Service. Non-urgent clinical activity will be suspended on Monday.
The Madeira Health Service (SESARAM) was the target of a cyber attack that caused a “dysfunction in its computer network”, said the institution, informing that non-urgent clinical activity will be suspended on Monday 7 August. The institution stated: “All non-urgent clinical activity will be suspended for the day tomorrow [Monday, August 7].” This includes consultations, scheduled surgeries and clinical analyzes and complementary means of diagnosis.

The attack compromised compromised the personal data of more than 250,000 Madeirans and 10,000 foreigners. Although there is no ransom demand for the information, the attack has already been claimed by the Rhysida group.

Lockbit Attacks Portuguese Water Utility Company

February 8, 2023

Águas e Energia do Porto said on February 8 it had been hit with a cyberattack, with its security team able to limit the damage. Public water supply and sanitation were not affected by the attack.

The LockBit group added the company to its leak site on February 18, according to cybersecurity expert Dominic Alvieri. LockBit gave the utility until March 7 to pay a ransom, threatening to publish stolen information from Águas e Energia do Porto systems if the deadline passed without payment.

“Due to the incident, some customer services suffered constraints,” the utility said. The company was still able to process customer requests at in-person service desks, and it urged people to get virtual service tickets that could be obtained instead of standing in line.

The utility did not respond to requests for comment about an update on the situation.

TAP Air Portugal Hit by Ragnar Locker Ransomware Gang

August 25, 2022

The Ragnar Locker ransomware gang has claimed an attack on the flag carrier of Portugal, TAP Air Portugal. The airline disclosed this after its systems were hit on Thursday night. TAP initially said the attack was blocked. The company said it found no evidence indicating the attackers gained access to customer information stored on impacted servers.

In September the airlines told customers on Thursday that hackers had stolen some of their personal data and published it on the dark web. The state-owed airline said all payment details appeared to be safe.

Port of Lisbon Suffered Cyberattack over Christmas

December 25, 2022

The administration of the Port of Lisbon suffered a cyberattack over Christmas. The Portuguese authorities didn’t specify the nature of the attack or who was behind it. However, the LockBit ransomware gang uploaded Port of Lisbon to its leak site, a darknet website where cybercriminals announce their victims. The gang claims to have stolen all of the data available on the port’s systems. Threat actors intentionally publicize what data was stolen to force victims into paying the ransom. LockBit demands close to $1.5m to download or destroy the data.

Cyberattack Cuts Service for Vodafone Portugal

February 7, 2022

Vodafone Portugal, one of the country’s top telecommunications companies, said Tuesday it suffered a cyberattack, while no confidential customer ended up compromised.
“A deliberate and malicious cyberattack aimed at causing damage and disruption” was underway, the company said.
The attack Feb. 7 affected the company’s 4G and 5G services, fixed line and SMS services, and digital and voice customer services, the company said.
The company hadn’t received any ransom demand that would indicate it was hit by a ransomware attack. The CEO also said he had no indications the attackers had accessed subscriber information or other sensitive data. Specifics of the attack remain unknown.

EDP Ransom Attack

April 13, 2020

10TB of sensitive data stolen and threatened to publish. Requested ransom of 1,580 BTC (Bitcoin – a value of €9.9MM)