Cyber Incident Victim: Prefeitura de Porto Alegre

On April 19, 2024, the official website of Porto Alegre’s municipal government experienced a disruptive cyberattack that forced its temporary removal from public access. Hackers compromised the portal in the afternoon, replacing standard content with unauthorized messages containing local slang, homofóbic comments, and football-related opinions, accompanied by displayed code snippets and the emblem of Grêmio, a local football club. The defacement was immediately detected by municipal authorities, prompting the Porto Alegre Information and Communication Technology Company (Procempa) to deliberately take the site offline to contain the incident. This action prevented further unauthorized access or modifications while technical teams initiated their assessment. Visitors attempting to reach the site were redirected to a maintenance notification citing technical issues, with the municipality publicly apologizing for the disruption and requesting user patience during restoration efforts. No additional details regarding the attack vector, data compromise, or specific system vulnerabilities were disclosed in the initial response.

The incident disrupted public access to municipal online services and information, though the full operational impact beyond the website’s unavailability remains unspecified. Procempa led containment and forensic activities, focusing on securing the platform before restoration. The attackers’ messages suggested a focus on cultural provocation rather than explicit financial or data theft motives, though no group claimed responsibility. Municipal communications emphasized procedural adherence to incident response protocols but did not provide timelines for full recovery or details about potential collateral damage to integrated systems. Technical remediation and investigation continued as of the reporting date, with no further public updates on the scope of infrastructure compromise or long-term mitigation measures.