Cyber Incident Victim: Fiscalía General del Estado de Michoacán
Date:
Mar 2025
Location:
Mexico
Summary
The Fiscalía General delEstado de Michoacán's website was targeted by a cyber attack that disrupted the public display of at least fifteen microsites while leaving internal systems, databases, and critical services untouched. The institution's cybersecurity team detected the malicious activity and contained it, confirming that no sensitive or personal data was exposed or lost. After analysis, the affected microsites were restored and preventive and corrective measures were strengthened across the technological infrastructure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Sunday, March 30, 2025, the cybersecurity team of the Fiscalía General del Estado de Michoacán detected malicious activity targeting the institution's web portal. The attack affected the public display of at least fifteen microsites that are part of the main portal environment. The institution stated that the intrusion did not compromise internal systems, databases, documents, or any critical services. Officials emphasized that the impact was limited to visual presentation and did not extend to backend applications. They noted that the detection was carried out promptly by the specialized cybersecurity unit.
The alleged hack occurred in the early hours of the same day, prompting system specialists to initiate containment procedures immediately. After conducting a thorough analysis, authorities confirmed that internal systems and the backend of the applications remained unaltered. The Fiscalía assured that no sensitive or personal data were lost or exposed, preserving the integrity and availability of internal services. They described the damage as superficial and purely visual, with no effect on operability or service continuity. By the end of March 30, the affected microsites had been restored and preventive and corrective actions were reinforced across the technological infrastructure.