Menu
Browse
Date:

Oct 2024

Location:

Brazil

Summary

The Companhia de Saneamento Básico do Estado de São Paulo confirmed a cyberattack causing network instability, prompting immediate security measures and system restoration efforts. No personal data compromise was identified, and critical water supply and sewage operations remained unaffected. Customer service channels experienced disruptions, including WhatsApp and chatbot outages, leading to extended wait times, though phone and in-person services continued. Internal reports from worker unions indicated widespread system failures across commercial, customer service, and operational units for multiple days, with employees resorting to external networks for limited functionality. The company attributed the incident to "external factors" in initial communications, while union accounts described significant internal operational chaos.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 1 technique
Threat Actors Type Location
0 actors Available to members Available to members

Description

On October 17, 2024, Sabesp (Companhia de Saneamento Básico do Estado de São Paulo) confirmed via email to CISO Advisor that it suffered a cyberattack causing network instability. The company stated it immediately activated all security and control measures while implementing recovery plans for affected systems. Preliminary forensic investigations indicated no evidence of compromised personal data at the time of reporting. Critical water supply, sewage collection, and treatment operations remained unaffected. Customer service channels experienced disruptions, with WhatsApp services and the chatbot rendered temporarily inoperative, though the 0800 055 0195 call center and Virtual Agency (agenciavirtual.sabesp.com.br) remained functional. In-person appointments at over 400 agencies statewide continued via prior scheduling through the Virtual Agency. Sabesp acknowledged extended wait times for assistance due to system instability and apologized for inconveniences, emphasizing efforts to fully restore service channels. No ransomware group claimed responsibility for the incident, and Sabesp did not reference the attack in public communications beyond its initial statement.

Cyber Incident Image

Social media reports on X/Twitter and Reclame Aqui earlier that day indicated widespread customer service disruptions. Sintaema, the union representing São Paulo sanitation workers, disclosed in a public note that Sabesp's internal systems had been non-operational since October 17, describing the situation as "chaotic." According to the union, only the Reservoir Control System (COO) remained functional, forcing employees to rely on mobile internet or external networks for other tasks. Sintaema further reported five days of paralysis in commercial operations, Poupatempo services, meter reading, and customer support across all state units due to the outage. Sabesp's website initially attributed the disruption to "external factors causing network instability" in a pop-up notification, directing customers to emergency services via the 0800 number. The company, valued at R$40 billion with 2023 revenues of R$25.6 billion, maintained its focus on system restoration without providing additional technical details about the attack vector or recovery timeline.

Sources
Sources available to members
1 source