Cyber Incident Victim: Agência Nacional do Petróleo, Gás Natural e Biocombustíveis

On August 4, 2022, the Brazilian National Petroleum, Natural Gas and Biofuels Agency (ANP) detected an attempted cyberattack against its digital infrastructure. The agency responded by taking affected systems offline on August 5 to conduct a cybersecurity risk assessment, resulting in partial unavailability of its official website. Critical public-facing services became inaccessible, including portals for accessing agency systems, consulting fuel price surveys, and processing electronic documents through the Electronic Process portal. The disruption persisted through at least August 8, with ANP issuing a press release confirming ongoing restoration efforts characterized by cautious, methodical recovery procedures to ensure system integrity. Technical teams prioritized security evaluations before reactivating services to prevent potential residual threats from compromising systems further.

By August 9, ANP successfully restored its Electronic Information System (SEI), a platform essential for internal administrative processes and document management. However, multiple public services remained offline, continuing to impede access to fuel price data and electronic filing capabilities. The outage affected public and industry stakeholders who rely on these platforms for regulatory compliance and market information. No data theft or additional attacker objectives were disclosed in available reports. ANP maintained operational transparency through periodic updates while withholding technical specifics about the attack vector or potential threat actors. Restoration work continued beyond the initial five-day period, with no confirmed timeline provided for full recovery of all impacted systems at the time of reporting.