Cyber Incident Victim: Prefeitura de Silveiras
Date:
Feb 2025
Location:
Brazil
Summary
The municipal administration of Silveiras reported a cyberattack resulting in the diversion of approximately R$472,900 from municipal accounts held at Caixa Econômica Federal. Local authorities are collaborating with civil and federal police cybercrime units to investigate the incident and recover the funds, while the mayor formally requested reimbursement during a visit to the bank's headquarters. Caixa confirmed it is assisting the municipality and analyzing the contested transactions, emphasizing its continuous security monitoring and advising clients to avoid suspicious links or calls. The administration continues to monitor recovery efforts to restore the diverted public funds.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The Prefeitura de Silveiras publicly disclosed a cyberattack on February 1, 2025, revealing that unauthorized actors diverted R$472,900.36 from municipal accounts held at Caixa Econômica Federal during February 2025. Municipal administration officials stated the incident involved fraudulent transactions from accounts linked to city operations, though specific technical details about the attack vector or compromised systems were not disclosed. Upon detecting the unauthorized transfers, Silveiras' leadership engaged law enforcement agencies—specifically the Polícia Civil and Polícia Federal—to initiate criminal investigations targeting cybercrime aspects of the financial diversion. The municipality simultaneously coordinated with Caixa Econômica Federal to formally contest the fraudulent transactions through established banking dispute resolution channels. Mayor Edson Mota traveled to Brasília to personally submit an official restitution request at Caixa's headquarters, emphasizing the urgency of recovering public funds. Financial impacts were confined to the stolen amount, with no additional disruptions to municipal services or secondary financial losses reported in available documentation.
Caixa Econômica Federal confirmed it was assisting Silveiras' administration while conducting its own internal investigation into the transaction irregularities, though the bank did not specify whether the breach originated from its systems or client-side vulnerabilities. The financial institution reiterated standard security protocols, advising clients to avoid suspicious links and verify unsolicited communications claiming bank affiliation through official channels. Silveiras' government maintained continuous monitoring of recovery efforts through legal and financial institutions, focusing on restitution procedures rather than public disclosure of forensic findings. No arrests, threat actor attributions, or data compromise beyond the financial theft were reported by investigating entities at the time of disclosure. The incident remained under active investigation by multiple agencies with no conclusive resolution timeline provided in public statements.