Cyber Incident Victim: Procon-Santos
Date:
Apr 2024
Location:
Brazil
Summary
The Procon-Santos portal went offline, disrupting its online services after an incident that began. The municipality said it had contacted the site’s provider and would investigate, noting that the portal would stay down until verification is finished while citizens can reach the agency by phone, email or in person at Poupatempo. Local reports attributed the outage to a claimed attack by a hacker named Azael of TeamR70, though the municipality has not confirmed this, and noted that the Santos port’s website experienced similar instability affecting internal systems and prompting its cybersecurity team to start recovery and investigation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On Thursday afternoon, April 4, 2024, the online portal of the Fundação de Proteção ao Consumidor (Procon) in Santos began experiencing service disruptions that continued into Friday, April 5, leaving the website inaccessible to the public. The outage prevented citizens from accessing online services normally offered by Procon-Santos, such as consumer complaint filings and information requests. According to a statement issued by the Prefeitura de Santos, the incident compromised the availability of the Procon website and affected remote assistance channels that rely on the portal. Local media reports indicated that a self‑identified hacker named Azael, who claimed affiliation with the cybercriminal group TeamR70, sent emails to Procon staff asserting responsibility for the disruption. The municipal notice did not confirm the validity of the hacker’s claim, noting only that further information would be provided later. The disruption coincided with similar instability observed on the official website of the Port of Santos on the same day.
In response, the Prefeitura de Santos stated that Procon‑Santos had already contacted the company responsible for hosting and maintaining the site in order to restore functionality as quickly as possible. The municipality announced that an investigation would be conducted to determine the cause of the outage, and that the site would remain offline until the verification process by the internet domain provider was completed. While the portal was unavailable, the public was directed to alternative means of contacting Procon, including the telephone numbers 0800 779‑0151 and (13) 3219 9001, the email address [email protected], and in‑person assistance at the Poupatempo location on Rua João Pessoa, 246, operating from 9 a.m. to 4 p.m. The Prefeitura’s full communiqué, reproduced by Security Report, reiterated that the site would stay off the air until the company finished its verification and promised additional updates thereafter. Separately, the cybersecurity team of the Port of Santos began recovery work on its own affected systems, which included the intranet, various software applications, and port‑zone entry barriers, while investigating potential causes for the simultaneous incidents.