Cyber Incident Victim: Brazil's National Health Surveillance Agency

On September 9, 2021, hackers targeted the website of Brazil’s National Health Surveillance Agency (Anvisa), disrupting a critical public service component. The attackers specifically compromised the Traveler’s Health Declaration form, a digital tool required for international health compliance during the COVID-19 pandemic. They replaced the functional webpage with an image of Argentina’s national flag, rendering the form inaccessible to users. This defacement occurred shortly after the September 5 suspension of a FIFA World Cup Qualifier match between the Brazilian and Argentinian national teams in São Paulo. Anvisa publicly characterized the attack as retaliation for the match’s cancellation, which had been triggered by the agency’s enforcement of COVID-19 protocols against four Argentinian players. The incident temporarily disrupted Anvisa’s ability to process traveler health declarations, though core agency functions remained operational.

The attack’s primary impact was the unavailability of a mandated health screening tool, potentially affecting travel logistics and public health monitoring. By substituting the form with Argentina’s flag, the hackers emphasized a symbolic connection to the geopolitical dispute surrounding the suspended match. Anvisa acknowledged the breach but did not disclose technical details regarding the intrusion vector or duration of downtime. No data theft or broader system compromise was reported in the available sources. The agency restored the affected webpage, but the timeline for remediation and any implemented security enhancements were not publicly documented. The incident highlighted vulnerabilities in a high-visibility government digital service during a period of heightened public scrutiny over pandemic-related regulations.