Cyber Incident Victim: Rede Bahia

On May 13, 2021, Rede Bahia, a Brazilian multimedia conglomerate operating 16 outlets focused on Bahia, experienced a ransomware attack that disrupted its operations. The attack compromised the organization’s servers and systems, impairing critical functions, including the daily publication of its newspaper, Correio. Rede Bahia issued an internal memo the same day, informing employees of the breach and confirming the unauthorized access had affected employee and former employee data. The company stated it had implemented technical and security measures to contain the incident, including engaging specialized firms to mitigate risks. Operations remained partially disrupted at the time of reporting, with restoration efforts ongoing.

The attack led to the public disclosure of sensitive employee information, though the full scope of exposed data was not detailed. BNEWS, a subsidiary, initially reported and later removed a screenshot purportedly showing redacted employee salary information circulated via email and social media; its authenticity remained unverified. Rede Bahia publicly directed audiences to alternative news platforms like radio and online channels during service interruptions. The organization acknowledged involving unspecified authorities to investigate the incident and determine responsibilities. No ransomware variant, ransom demands, or explicit attribution were disclosed. The incident highlighted operational vulnerabilities and data protection challenges, with employee privacy impacts confirmed but not quantified. Rede Bahia’s response prioritized internal communication, external partnerships for recovery, and regulatory compliance, though system restoration timelines were unresolved when reported.