Cyber Incident Victim: Atacama Large Millimeter Array Observatory

On October 29, 2022, the Atacama Large Millimeter Array (ALMA) Observatory in Chile experienced a cyberattack that forced the suspension of all astronomical observation operations. The observatory took its public website offline and implemented limited email services as part of its initial response. IT specialists immediately began working to restore affected systems, though the organization stated via a November 2, 2022, Twitter announcement that they could not estimate a timeline for resuming normal operations due to the incident's severity. ALMA confirmed the cyberattack did not compromise its 66 radio telescope antennas or any scientific data collected by the facility. Investigators found no evidence of unauthorized data access or exfiltration during the breach. A spokesperson emphasized that while their IT team had prepared infrastructure to address such incidents, "no flawless defense against hackers" exists. Restoration efforts remained ongoing at the time of reporting, with the organization declining to disclose specific technical details due to the active investigation.

The cyberattack disrupted one of astronomy's most significant research facilities, a $1.4 billion international collaboration operating since 2013 from Chile's 5,000-meter-high Chajnantor Plateau. ALMA's contributions include pioneering black hole imaging and detecting potential biomarkers in Venus's atmosphere. The operational suspension impacted global scientific teams reliant on the observatory's capabilities for ongoing research projects. ALMA directed users to monitor the National Radio Astronomy Observatory (NRAO) website and its social media channels for service restoration updates while maintaining transparency about recovery challenges. The incident highlighted vulnerabilities in critical scientific infrastructure despite preparedness measures, though core astronomical assets remained functionally and data-secure throughout the event.