Cyber Incident Victim: Ministry of Economy and Finance

In early May 2020, North Macedonia’s Ministry of Economy and Finance faced a significant cybersecurity incident when hackers leaked dozens of email addresses and passwords belonging to staffers across multiple public institutions. The breach exposed vulnerabilities in the government’s IT infrastructure, with compromised credentials potentially granting unauthorized access to sensitive systems. Concurrently, key sections of Skopje’s primary local government website became inaccessible starting Thursday, May 7, 2020, signaling an additional security failure that persisted for several days. Officials publicly asserted the situation was under control, but the ongoing website outages contradicted these assurances, undermining public confidence. The incident highlighted systemic weaknesses in the nation’s cybersecurity posture, particularly within critical administrative entities.

The credential leak directly impacted government operations by exposing employee accounts to potential misuse, though the full scope of accessed data remains unspecified. Service disruptions from the website outage hindered public access to essential municipal resources, compounding operational challenges. Authorities did not disclose technical details about the attack methodology or whether ransomware or data exfiltration occurred. No immediate remediation steps—such as forced password resets or system audits—were publicly confirmed beyond attempts to restore website functionality. The breach underscored persistent gaps in North Macedonia’s digital defenses, with no attribution to specific threat actors or clarification on whether foreign or domestic entities were involved. Government responses remained limited to public reassurances without substantive transparency regarding long-term corrective measures.