Cyber Incident Victim: Sistema Intermunicipal de los Servicios de Agua Potable y Alcantarillado
Date:
Apr 2025
Location:
Mexico
Summary
The agency experienced a cyber attack that disabled its payment processing system, preventing users from making payments at its offices. As a result, the agency advised customers to use convenience stores and banks for bill payments while it works with state authorities to restore the service and investigate the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Thursday April 3 2025, SIAPA's payment system experienced a cyber attack that disrupted its ability to process payments and administrative services. The disruption continued unchanged through the following days, with the article dated April 10 2025 noting that the system remained offline. SIAPA communicated the issue through its official Twitter account, informing users that the payment system was not functioning. The organization indicated that no date had been set for restoring the service. Users who visited SIAPA offices reported that they could not complete their payments and were forced to seek alternative means.
Users expressed frustration after traveling long distances to SIAPA offices only to discover that payment services were unavailable. One user described having visited a office in Tlaquepaque on Wednesday, finding no service, and then deciding to wait two days before returning to the main office, only to encounter the same problem. Another user noted being told to return the following week to see if service would be restored, highlighting the uncertainty. The lack of service compelled individuals to seek payment options at nearby convenience stores and banks. SIAPA advised the public to stay informed through official media channels for updates on when normal operations would resume.
In an official statement released on April 10 2025, SIAPA confirmed that a cyber attack had affected its server and interrupted administrative services. The organization said it had immediately addressed the incident and was pursuing legal actions with the state prosecutor's office against those responsible. SIAPA stated that it would inform users promptly when the system would be restored and regular service could resume in branches and operational centers. In the meantime, the entity directed users to make payments at convenience stores and banks. The communication concluded with a reminder to monitor official announcements for any changes to the service status.