Cyber Incident Victim: Citel

OnTuesday, April 29, 2025, retailers that rely on Citel’s ERP system experienced widespread instability that disrupted access to terminals and basic retail operations. The disruption was traced to a cyberattack targeting Citel’s cloud‑hosted servers, a fact disclosed in an official statement released the following day, Wednesday, April 30. According to Citel, the compromised servers are operated in partnership with Oracle, a provider of cloud computing and digital security services. The attack prompted the company to enact a preventive block that cut off network access for all users, including those accessing Citel’s products through Oracle Cloud. As a result, merchants were unable to perform routine tasks such as issuing fiscal notes, managing inventory, and completing sales.

In its official note, Citel expressed sincere apologies for the inconveniences caused and reiterated its commitment to transparency and the security of information entrusted to it. The company announced that it is conducting a thorough investigation into the incident and pledged to continue investing in processes, strategic partnerships, and staff training to preserve system stability and security. Citel also made its technical team available to provide support and additional clarifications to affected clients. The preventive access block remained in place while the investigation proceeded, aiming to safeguard data integrity.

The episode highlighted the growing risk of cyberattacks against the retail sector and underscored the importance of robust digital security measures, particularly for firms that supply essential services to daily commerce. Citel indicated that it would use the lessons learned to strengthen its defenses and maintain the reliability of its ERP platform. No further details about the attackers, their methods, or the exact duration of the outage were provided in the source material.