Cyber Incident Victim: Office of the Chief Minister and Council of Ministers, Sudurpaschim Province

On Friday, July 5, 2024, the official website of the Office of the Chief Minister and Council of Ministers in Sudurpaschim Province was compromised by unauthorized actors. The breach became evident when visitors attempting to access the portal encountered a defacement message claiming responsibility under the identifier "Cookies called Captain Smoker 3R." Information Officer Jagadish Prasad Joshi confirmed the incident occurred that day and stated the office promptly notified the Department of Information Technology in Kathmandu upon discovery. Initial response measures focused on assessing the intrusion and initiating recovery procedures, though technical details regarding the attack vector or potential data compromise were not disclosed in available reports. The website remained non-operational during the immediate aftermath, disrupting public access to governmental information and services hosted on the platform.

Recovery efforts commenced immediately following the breach notification but had not restored functionality by the following morning, Saturday, July 6. No additional technical specifics about the attack methodology, such as exploitation of vulnerabilities or malware deployment, were verified through official channels at the time of reporting. The incident's confirmed impact was limited to service disruption and reputational damage through the visible defacement, with no publicly acknowledged evidence of data exfiltration or secondary compromises. The Department of Information Technology's involvement indicated coordination with provincial authorities, though their specific remediation actions remained unspecified. As of the latest available information, the portal's restoration status and any forensic findings had not been formally updated beyond the acknowledgment of ongoing recovery work.