CGU, PRF and IFPR confirm cyber attack

bitheerani93 · Post by **bitheerani93** » Wed Apr 23, 2025 3:55 am

The Comptroller General's Office (CGU), the Federal Highway Police (PRF) and the Federal Institute of Paraná (IFPR) confirmed this Tuesday (14) that they were also targets of cyber attacks last Friday (10), the same day that the websites of the Ministry of Health and ConecteSUS went offline. The agencies confirmed the information to Tilt .

All attacks occurred on Friday afternoon (10). In a statement, IFPR said that the attack was “very serious” and affected all systems. “Over the weekend, the DTIC (Information and Communication Technology Directorate) slovenia mobile database worked to restore backups and reconfigure systems. The focus was on recovering the most critical websites and systems for the institution. By 6 pm this Sunday (12), the team had already managed to recover the rectory website, campus websites, and internal systems,” he told Tilt.

“As a matter of routine, DTIC performs backups of systems and databases every morning and the last backup we had was from the morning of the 10th.” The institute emphasizes that the systems may present instability in the coming days.

The PRF reported that it had experienced a “security incident” in its database, but that there was no information leak. “From the moment the incident was identified, it was immediately blocked. Teams of PRF technicians are working around the clock to restore their systems through backups.”

Finally, CGU reported that its cloud service underwent an attempted hack, but there was no data loss.

Server Login
The Institutional Security Office (GSI) of the Presidency reported, in an alert sent to the ministries, that “some cases of intrusion occur with the use of legitimate administrator profiles”. During the investigation, the GSI recommended that the government’s cybersecurity managers immediately block the passwords of employees who are on vacation or leave, adopt a “minimum privilege policy” for users and reevaluate backup policies.

Attack on SUS systems
The Health Ministry's systems have been offline since Friday following a cyberattack. When users tried to access the agency's website, they found the message: "Internal data from the systems has been copied and deleted. 50 TB of data is (sic) in our hands." The Lapsus$ Group claimed responsibility for the attack.

On Sunday (12), the Ministry of Health announced that the data and records of vaccination against covid-19 were fully recovered. Just three days after the first attack by criminals, the Ministry's systems suffered another attack.