Cyber Incident Victim: Junta Municipal de Agua Potable y Alcantarillado de San Felipe

On the night of Tuesday, March18, 2025, the Junta Municipal de Agua Potable y Alcantarillado de San Felipe (JMAPA) experienced a cyberattack that resulted in the theft of more than forty million pesos from its bank accounts. The breach was identified when officials observed unusual movements in the accounts held at Banorte, which prompted a review of transaction records. Examination of the records revealed at least sixteen suspicious transactions, each contributing to a total exceeding forty million pesos. The alteration of security tokens associated with the accounts raised immediate concern among municipal authorities. In response to the detected anomalies, JMAPA personnel notified the municipal government and initiated an internal review of the activity. The municipal leadership expressed alarm over the potential compromise of financial controls and the loss of public resources. They promptly decided to file a formal complaint with the Fiscalía General de Justicia to pursue a criminal investigation. The complaint specifically cited the robbery of electronic funds and the unauthorized transfer of money from JMAPA’s accounts. Municipal officials emphasized that the incident represented a significant breach of trust with the citizens of San Felipe. The initial report did not disclose the specific methods used by the attackers to gain access to the accounts. The focus of the early response was on securing the remaining funds and preserving evidence for investigators.

The municipal government issued a communiqué affirming its support for the complaint filed with the state prosecutor’s office and pledged to ensure transparency throughout the investigative process. The statement from the H. Ayuntamiento declared that it backed the denunciation already presented to the Fiscalía General del Estado because it believes firmly in accountability and the proper handling of public funds. Following the public disclosure of the theft, the Cabildo convened an extraordinary session to address the governance of JMAPA. During that session, the council voted to remove the entire board of directors of the agency, a decision described by witnesses as having been carried out with several irregularities. The communiqué did not confirm whether the removed officials bore any direct responsibility for the cyberattack, leaving that determination to the ongoing investigation. Authorities indicated that the priority was to prevent impunity and to clarify what happened to the resources belonging to the residents of San Felipe. The municipal government said it would continue to cooperate with the Fiscalía and any other relevant agencies involved in the case. In addition to the current incident, the article referenced a prior event that occurred in October 2023 in the municipality of Cuerámaro. In that earlier case, nearly eight million pesos were reportedly stolen from a bank account through a presumed hacking, and the theft had also been denounced to the Fiscalía General del Estado de Guanajuato. The article states that investigators expect the investigation to advance in the coming days.