Cyber Incident Victim: Río Grande Municipality

On November 27, 2023, Telemundo Puerto Rico reported a cyberattack targeting the municipal systems of Río Grande, Puerto Rico. The incident was initially detected on Monday, November 20, when the municipality’s IT officer observed anomalies during routine monitoring, including missing data on system monitors and evidence of partial data extraction. This discovery prompted an internal review, after which the municipality engaged a private cybersecurity firm to investigate the irregularities. The external analysis confirmed a cyberattack by hackers who introduced malicious software, corrupting the municipal portal and compromising all stored content. The attackers’ methods involved deploying viruses that disrupted normal operations and compromised data integrity across the municipality’s digital infrastructure.

The cyberattack caused estimated damages of approximately $75,000 to the municipal systems. Despite the severity of the breach, Río Grande Mayor Ángel "Bori" González publicly characterized the data loss as minimal, though no specific details were provided regarding the scope or nature of the affected data. The municipality alerted the Puerto Rico Police Department’s Criminal Investigations Corps and Cyber Crimes Unit on Thursday, November 23, initiating a formal investigation. Law enforcement agencies collaborated with the private cybersecurity firm to assess the attack vectors and identify potential perpetrators. No ransomware deployment or explicit ransom demands were mentioned in the reports. Municipal operations faced disruptions, but critical public services remained functional. The investigation remained active as of the last reported update, with authorities working to restore compromised systems and determine the full extent of the breach.