Cyber Incident Victim: Tribunal Regional Federal da 3ª Região

On Friday, March 7, 2025, the electronic, judicial and administrative systems of the Federal Justice of the Third Region (TRF‑3) experienced a period of instability. The TRF‑3 of São Paulo issued a confirmation that the disruption was caused by a Distributed Denial of Service (DDoS) attack targeting its web portals. According to the official statement, the attacker’s activity overloaded the servers, which prevented legitimate users from accessing the services provided by the tribunal. The overload persisted for a portion of the day, affecting the availability of online judicial and administrative functions.

In response to the attack, TRF‑3 reported that all malicious traffic was promptly mitigated and that its systems have been restored to normal operation. The tribunal emphasized that no data was lost, compromised or exposed during the incident. As a consequence of the service interruption, TRF‑3 announced that it would extend the deadlines for the submission of documents by the parties involved in legal proceedings (PJs). The extension was intended to accommodate users who were unable to access the portal while the DDoS attack was ongoing.

The official communication released by TRF‑3, disseminated through Security Report, detailed that the instability observed on March 7 was directly attributable to the DDoS attack, which aimed to overload servers and block legitimate access. It reiterated that the mitigation efforts were successful, the systems are functioning normally, and the tribunal remains committed to maintaining the integrity and availability of its electronic services. The statement closed by reinforcing that the incident did not result in any data breach or loss.