Cyber Incident Victim: Junta Administrativa del Servicio Eléctrico de Cartago

On April 23, 2022, Conti ransomware operators encrypted the administrative systems of Junta Administrativa del Servicio Eléctrico de Cartago (JASEC), the electricity and internet service provider for approximately 160,000 residents in Cartago, Costa Rica. The attack began on Saturday, April 23, targeting servers supporting JASEC's website, email systems, administrative collection platforms, and customer billing infrastructure. General Manager Luis Solano confirmed the encryption via Facebook announcements, stating that while electricity and internet services remained operational, all online payment capabilities were disabled. JASEC suspended bill payments indefinitely and engaged external experts to investigate potential data exfiltration by Conti. The ransomware directly disrupted revenue collection mechanisms, forcing customers to delay payments until systems were restored.

Conti's attack on JASEC occurred amid a broader offensive against Costa Rican government entities, including the Finance Ministry, which suffered encryption of customs and tax platforms containing sensitive historical taxpayer data. Finance Minister Elian Villegas confirmed the breach, while export associations estimated $200 million in daily losses due to customs processing bottlenecks. Outgoing President Carlos Alvarado Quesada denounced the campaign as an attempt to destabilize the country during its presidential transition, explicitly refusing Conti's reported $10 million ransom demand. The Finance Ministry issued public warnings about phishing attempts exploiting the crisis, urging citizens to avoid password reset solicitations. Business leaders expressed concerns about theft of financial records and potential leaks to media or government officials, amplifying national anxiety over the multi-agency disruptions.