Cyber Incident Victim: Municipality of Balneário Camboriú

On January 27, 2021, the Municipality of Balneário Camboriú in Brazil experienced a ransomware attack that disrupted its online services. The malicious software restricted access to the municipality's infected systems, employing encryption to block functionality and demand payment for restoration. The attack rendered municipal digital services inoperable throughout the day, affecting public access to online platforms managed by the local administration. Municipal authorities immediately initiated response protocols upon detecting the intrusion, though specific technical details regarding initial detection methods or entry vectors were not publicly disclosed. The Information Technology Division (DTI) implemented emergency measures to isolate affected systems and prevent further propagation of the ransomware within municipal networks. Service disruptions persisted throughout Wednesday as technicians worked to restore operations, with critical systems remaining offline during containment efforts.

Henrique Otte, Director of the DTI, publicly confirmed the containment of the attack and stated no data exfiltration or compromise occurred due to their rapid response. The municipality filed an official police report to initiate criminal investigations into the incident, though no details regarding potential threat actors or ransom demands were disclosed. Otte projected full service restoration by the end of the same day, attributing this timeline to successful containment measures that prevented systemic encryption. The municipality maintained operational continuity for essential in-person services despite the digital disruption, though the specific duration of residual impacts beyond January 27 was not detailed in available reports. Technical recovery efforts focused on system restoration from secured backups rather than ransom payment, consistent with the administration's assertion that no data was irrecoverably lost during the incident.