Cyber Incident Victim: Instituto Nacional de Câncer
Date:
Jan 2024
Location:
Brazil
Summary
A cyberattack compromised systems at the Instituto Nacional de Câncer, prompting the activation of security protocols and a precautionary shutdown of technology services to prevent further damage. Radiotherapy services and appointment scheduling were temporarily suspended, though scheduled consultations proceeded using manual record-keeping, and hospitalizations, surgeries, chemotherapy sessions, and intensive care operations continued unaffected. The organization emphasized its commitment to patient care while working to restore secure systems and resume normal operations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 27, 2024, a cyberattack compromised the technology systems of Brazil's National Cancer Institute (Inca) in Rio de Janeiro, prompting immediate operational disruptions. The institution activated its security programs upon detecting the intrusion but was forced to isolate affected technology services to prevent further damage propagation. This containment measure led to the suspension of radiotherapy services, a critical cancer treatment modality, with resumption contingent upon verification of system security prior to reactivation. Appointment scheduling systems were also disabled, halting new patient bookings across affected departments. Despite these outages, pre-scheduled consultations proceeded normally through manual documentation processes, including handwritten patient progress notes and prescriptions. Inpatient services, surgical procedures, chemotherapy sessions, and intensive care unit operations remained functional without reported interruptions, indicating targeted rather than institution-wide system compromise.
The attack necessitated sustained manual workarounds for core clinical functions, with no specified restoration timeline provided by Inca's communications team. Institutional focus centered on maintaining patient care continuity while technical teams conducted recovery operations, though radiotherapy remained offline pending system integrity validation. Inca publicly reaffirmed its commitment to patient welfare and service restoration, emphasizing close oversight of IT recovery efforts to minimize public service impacts. No threat actor attribution, data compromise details, or ransom demands were disclosed in available statements. The incident exposed vulnerabilities in critical healthcare infrastructure, with immediate consequences for cancer patients requiring radiotherapy and new appointment scheduling, while demonstrating residual operational resilience through unaffected treatment areas and manual clinical workflows.