Cyber Incident Victim: Universidade Federal de Mato Grosso do Sul

On September 24, 2023, the Federal University of Mato Grosso do Sul (UFMS) in Brazil experienced a cybersecurity incident that disrupted its digital operations. The attack occurred during the early hours of Sunday, prompting the university’s Agency of Information and Communication Technology (Agetic) to take all computational systems and digital services offline as a precautionary measure. By Monday morning, September 25, students were unable to access critical platforms, including enrollment portals, virtual learning environments, and institutional websites. The university confirmed the incident stemmed from unauthorized access to servers storing institutional systems, email accounts, and associated passwords for institutional drives. Agetic initiated efforts to restore systems securely, estimating a 72-hour recovery timeline from the point of intrusion detection. No classes were canceled, as academic activities continued without reliance on the compromised digital infrastructure.

UFMS activated its contingency plan, notifying federal authorities including the Integrated Cybersecurity Center of the Federal Government’s Digital Government initiative, the Federal Police, and the Federal Prosecution Office. Physical internet access disruptions were reported in specific campus locations, such as the Journalism building and Central Library, though the university did not confirm whether these outages were directly linked to the cyberattack. The institution emphasized its commitment to restoring services with "security and reliability" while safeguarding university community data. No explicit details regarding the attack vector, perpetrator identity, or data exfiltration were disclosed in official communications. Investigations into the criminal act proceeded under federal jurisdiction, with no further public updates on forensic findings or long-term operational impacts provided within the source material’s timeframe.