Cyber Incident Victim: Porto de São Francisco do Sul

On May 6, 2024, the Port of São Francisco do Sul experienced a cyberattack targeting its servers, resulting in the encryption of an unspecified portion of its data. The port's technical team immediately disabled affected systems to contain the attack's propagation, initiating emergency response protocols. By May 7, partial system functionality had been restored through coordinated efforts between the port's internal IT staff and external service providers. This partial recovery enabled the full resumption of port operations within 24 hours of the initial disruption, minimizing operational downtime. The port's official statement confirmed ongoing forensic analysis to determine the full scope of compromised data, though no specific datasets were publicly identified as breached during the incident's initial phase.

Security and access control systems—including automated license plate recognition, biometric authentication, and closed-circuit television monitoring—underwent gradual restoration following core operational recovery. The port formally notified Brazil's Federal Revenue Service (Receita Federal), which authorized operational restart contingent upon enhanced contingency measures. Parallel notifications were submitted to the National Waterway Transportation Agency (Antaq) and the National Data Protection Authority (ANPD) in compliance with regulatory obligations. No operational delays or cargo processing interruptions were reported after systems resumed, though the port emphasized continued evaluation of technical impacts. Restoration priorities focused on maintaining maritime logistics continuity while investigators worked to establish the attack's origin and full technical consequences.