Cyber Incident Victim: Instituto de Información Estadística y Geográfica del Estado de Jalisco

On December 5, 2022, the Instituto de Información Estadística y Geografía (IIEG) of Jalisco publicly disclosed a cyberattack that disabled its website, forcing it into prolonged maintenance. The attack was first detected on the evening of December 5, though preliminary evidence suggested the compromise may have originated earlier. The IIEG stated it had identified potential suspects through social media account analysis but could not establish communication with the perpetrators or determine their motives. This incident disrupted public access to statistical and geographic information managed by the institute, creating administrative burdens and diverting taxpayer resources toward incident resolution. The IIEG emphasized that its systems had been heavily targeted historically, enduring over 29.284 billion cyberattacks between May and November 2021 alone according to the General Directorate of Information Technologies.

Separately, the Jalisco State Congress reported a ransomware attack during the weekend of December 2-4, 2022, affecting 14 of its 17 legislative servers. Legislative officials confirmed the intrusion began with a breach of their computing systems, rendering stored data inaccessible. The "Play" ransomware variant encrypted parliamentary records including session minutes, procedural documents, legislative gazettes, legal demands, and accounting files. Systems personnel detected the encryption malware but could not ascertain whether data was exfiltrated or permanently destroyed. Temporary workarounds enabled legislative operations to continue while forensic investigations proceeded. Congress leadership filed a formal complaint with the State Prosecutor’s Office and noted connections to cybercriminal activity targeting government entities in Córdoba, Argentina. No ransom demands or recovery timelines were disclosed publicly during the initial response phase.