Cyber Incident Victim: Municipality of Ourique

On September 7, 2022, the Municipality of Ourique publicly disclosed a ransomware attack targeting its computer systems via an announcement on its official Facebook page. The attack disrupted municipal operations, forcing the town hall to limit certain public services while maintaining conditional functionality for others. Upon detecting the incident, municipal authorities immediately activated response protocols to investigate the breach and filed a formal criminal complaint with Portugal’s Judicial Police. Initial audits conducted by the municipality revealed no evidence of unauthorized access to databases within the compromised systems. The City Council emphasized that the attack did not affect databases containing municipal records but acknowledged operational disruptions impacting service delivery. No threat actor claimed responsibility for the attack at the time of disclosure, and municipal officials did not reference any ransom demands or negotiations in their public statements.

The Municipality of Ourique issued a public apology for service interruptions and expressed gratitude for residents’ understanding during the incident response. Technical assessments remained ongoing as of the disclosure date, with authorities continuing to evaluate the full scope of system compromises. The ransomware attack occurred amid broader cyber threats targeting Portuguese public institutions, though no explicit link to other contemporaneous incidents was established. Municipal services operated under restricted capacity for an unspecified duration following the attack. No additional updates regarding data exfiltration, financial impacts, or recovery timelines were provided in the initial announcement or subsequent public communications reviewed in the source material.