Cyber Incident Victim: Intendencia Paysandú

On July 24, 2024, the Intendencia de Paysandú (Paysandú Departmental Government in Uruguay) experienced a cyberattack that resulted in the complete loss of all stored information and paralyzed multiple critical departmental services. The attack was confirmed by Intendant Nicolás Olivera, who disclosed that unidentified hackers demanded a ransom payment of US$650,000 to restore access to the compromised data. The incident rendered government systems inoperable, disrupting administrative functions and public-facing operations. No technical details about the attack vector or specific compromised systems were disclosed publicly. The intrusion caused immediate operational paralysis, affecting an unspecified range of municipal services essential for daily governance.

The departmental government refused to negotiate with or pay the attackers, opting instead to prioritize internal recovery efforts to rebuild systems and restore services. Technical teams worked continuously following the attack to reconstruct lost data and reinstate functionality across affected infrastructure. As of July 26, 2024, recovery operations remained ongoing, with services still partially or fully unavailable due to the severity of the data loss. The incident represented a significant operational crisis for the municipality, though no evidence suggested broader data exfiltration beyond the ransomware encryption. Olivera’s public confirmation marked the sole official acknowledgment of the attack’s scope and the administration’s non-negotiation stance.