Cyber Incident Victim: Republic of Angola
Date:
Apr 2025
Location:
Angola
Summary
The official website of Angola's National Assembly was compromised by a cyberattack claimed by the hacker group CyberTeam, which stated the intrusion was carried out just for fun. The group said it had previously accessed databases of Cabo Verde's National Assembly and several Angolan entities, including the Ministry of Finance, the National Traffic and Road Safety Police, the National Statistics Institute, the Telecommunications Institute and INFOSI. Identifying itself as part of the 'Exército Cibernético da Comunidade dos Países de Língua Portuguesa', CyberTeam shared links to its Discord and X accounts to gain visibility. Angolan authorities have not issued an official statement and no information about sensitive data leakage has been released. The incident underscores the need for stronger digital defenses in public institutions and highlights the vulnerability of critical infrastructure in Portuguese‑speaking countries to expanding cyber threats.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On Wednesday, April 30, 2025, the official website of Angola's National Assembly was compromised by a cyberattack. The attack was claimed by the hacker group that calls itself CyberTeam. A message left on the site's main page stated that the intrusion was carried out "just for fun". The group identified itself as part of the "Cyber Army of the Community of Portuguese-Speaking Countries (ECCPLP)" and shared links to its Discord and X communities to gain visibility.
In its statement, CyberTeam claimed to have previously breached databases of the National Assembly of Cape Verde and several Angolan entities, including the Ministry of Finance, the National Traffic and Road Safety Directorate of the National Police, the National Institute of Statistics, the Institute of Telecommunications, and the Public Institute of Service Provision with Scientific and Technological Development Character (INFOSI). The attackers wrote provocatively, asking what the next target for their amusement might be, suggesting Unitel as a possibility. They described the action as being done for amusement rather than for any specific gain.
The defacement raised concerns about the cybersecurity posture of Lusophone government institutions and highlighted the vulnerability of critical infrastructure in Portuguese‑speaking countries amid expanding cyber threats. Angolan authorities had not issued an official statement about the incident, and no information had been released regarding any leakage of sensitive data. The article noted that the attack reinforces the urgency of strengthening digital protection measures in public institutions.