Cyber Incident Victim: Intendencia Paysandú
Date: Jul 2024
Location: Uruguay
Summary
A Uruguayan municipal government experienced a significant cyberattack resulting in the complete loss of operational data and widespread service disruptions across departmental functions. Attackers demanded a $650,000 ransom for data restoration, which the administration refused to pay while working to recover systems independently. The incident crippled multiple critical services, forcing ongoing restoration efforts to rebuild infrastructure and recover compromised information without capitulating to extortion demands.
Description
On July 24, 2024, the Intendencia de Paysandú (local government of Uruguay's Paysandú department) experienced a significant cyberattack that resulted in the complete loss of all stored information. The attack disrupted multiple departmental services, rendering critical systems inoperable and affecting municipal operations. Hackers responsible for the breach demanded a ransom payment of US$650,000 in exchange for restoring access to the compromised data. Intendente (Mayor) Nicolás Olivera publicly confirmed the incident to local media outlet El Observador on July 26, describing the event as having caused widespread technical failures across government infrastructure. The attack's immediate consequences included paralysis of administrative functions and public-facing services, though specific affected systems weren't detailed in official statements.

The departmental government refused the ransom demand and initiated recovery efforts without engaging with the attackers. Technical teams worked to rebuild systems and restore services through alternative means, though the timeline for full recovery remained unspecified. No evidence emerged suggesting data exfiltration beyond the encryption of local systems. The incident marked one of Uruguay's most disruptive cyberattacks on public infrastructure, highlighting operational vulnerabilities in departmental administration. In initial communications, response efforts focused on service restoration rather than forensic investigation, with authorities prioritizing functional recovery over public disclosure of technical details regarding the attack vector or perpetrator identity.
