Cyber Incident Victim: Gondomar Municipality

A cyberattack occurred during the week preceding October 1, 2024, targeting the network infrastructure of the Agência para a Modernização Administrativa (AMA), a Portuguese governmental agency responsible for administrative modernization. This incident caused widespread disruption to multiple digital platforms and portals operated by the Portuguese state, rendering them inoperable. The attack’s impact persisted beyond the initial intrusion, with several critical services remaining offline as of October 1st. While the exact technical vector of the attack remains unspecified in public reports, the compromise of AMA’s network infrastructure acted as a central point of failure, cascading outages across dependent systems. The incident disrupted public access to essential digital services, though the specific nature of these services—beyond their classification as state-operated platforms—was not detailed in available reporting.

The Portuguese government initiated a coordinated response to restore functionality, announcing by October 1st that a majority of affected services had resumed operations. Concurrently, authorities engaged internationally recognized forensic audit teams to conduct a thorough investigation into the attack’s origin, methodology, and full scope. No attribution to specific threat actors or groups was disclosed at this stage. The government’s public communications emphasized operational recovery efforts but did not elaborate on specific containment measures taken during the incident response phase. The engagement of external forensic experts indicates a focus on determining the attack’s technical pathways and identifying potential vulnerabilities exploited within the AMA network. Service restoration remained the primary publicly acknowledged priority, with no further details provided regarding long-term remediation strategies or the total duration of the disruptions prior to partial recovery.