Cyber Incident Victim: Cargills Bank PLC

OnMarch 21, 2025, Cargills Bank PLC issued a market announcement to the Colombo Stock Exchange stating that it had identified a cybersecurity event involving unauthorized access to a peripheral system within its infrastructure. The announcement said that upon detection the bank acted swiftly to fortify its systems, isolate the affected components, and engage top‑tier cybersecurity experts to assess the scope of the threat, mitigate any potential impact, and safeguard the interests of its customers and the bank. It also noted that there had been no disruptions to the bank’s banking operations as a result of the event. The EconomyNext article published on March 24, 2025, reported the same statement from the CSE filing and added that the bank provided an update on the following Tuesday.

In response to the detected unauthorized access to the peripheral system, Cargills Bank fortified its systems and isolated the affected components as part of its immediate actions. The bank engaged external cybersecurity experts to conduct a thorough assessment of the threat’s scope and to implement measures aimed at mitigating any potential impact. These steps were taken to protect the interests of the bank’s customers and the institution itself. Throughout the incident, the bank maintained that its core banking services continued to operate without interruption. The bank’s communications indicated that the affected components had been isolated and that no operational disruptions were observed. The bank’s statements indicated that it had taken steps to address the event and that its banking operations continued without disruption.