Cyber Incident Victim: Câmara Municipal da Moita
Date: Apr 2022
Location: Portugal
Summary
The Moita municipal council in Setúbal, Portugal, experienced a ransomware attack compromising its entire IT infrastructure, prompting immediate collaboration with national cybersecurity authorities and law enforcement to investigate the incident. Service delivery to residents was significantly disrupted, with some functions operating under constrained conditions due to the ongoing situation. This attack coincided with similar cybersecurity incidents targeting other regional entities, including healthcare facilities and media organizations, highlighting a broader pattern of threats during the period.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |

| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On April 27, 2022, the Câmara Municipal da Moita in Setúbal District, Portugal, experienced a ransomware attack that compromised its entire municipal computer system. The attack occurred during the morning hours, prompting immediate activation of investigative protocols by municipal authorities. The municipality publicly confirmed the incident through an official statement published on its Facebook page later that same day. Technical teams initiated damage assessments while coordinating with national cybersecurity authorities. By the afternoon, the municipality had formally engaged the Centro Nacional de Cibersegurança (National Cybersecurity Center) and the Polícia Judiciária (Judicial Police) to assist with forensic analysis and incident response. This collaboration represented a standardized response protocol for critical infrastructure cyber incidents in Portugal.

The ransomware attack caused significant operational disruptions across municipal services, forcing the local government to implement service limitations for residents. While some critical functions remained operational, their availability became contingent upon the compromised technical infrastructure's status. The incident occurred amidst a broader wave of cyberattacks targeting Portuguese institutions that week, including the April 26 attacks on Garcia de Orta Hospital in Almada, the Jornal Económico newspaper, and the Unidade Local de Saúde do Litoral Alentejano healthcare provider. No data exfiltration or specific ransom demands were disclosed in the Moita attack announcement. Municipal officials maintained public communication exclusively through their Facebook channel while restoration efforts continued under guidance from national cybersecurity authorities.
