Cyber Incident Victim: Gafisa S.A.

On February 16, 2022, Gafisa S.A., a publicly traded Brazilian company listed under B3: GFSA3 and OTC: GFASY, detected a criminal ransomware attack within its information technology environment. The company immediately activated its internal information security protocols to investigate the incident's origins and mitigate potential damages. Gafisa confirmed that its business operations continued without interruption despite the cyberattack. The organization's IT team initiated an investigation to determine the scope of the breach, including the attack's technical reach and potential consequences across its systems. No specific operational disruptions or compromised systems were disclosed in the initial notification. The company emphasized its existing security measures, including regular network updates and continuous investments in technology infrastructure designed to prevent unauthorized access attempts.

Gafisa stated it employed technologies with strict security standards aligned with its operational requirements prior to the incident. The investigation remained ongoing at the time of the announcement, with no public timeline provided for its completion. The company committed to maintaining communication regarding any material developments related to the ransomware event. No threat actor group, ransom demands, data exfiltration claims, or specific remediation actions beyond protocol activation were disclosed in the market notification. Gafisa's Investor Relations department, led by Director Ian Andrade, issued identical Portuguese and English statements confirming these details to ensure market transparency. The announcement concluded without specifying whether regulatory authorities or external cybersecurity firms were involved in the response.