Cyber Incident Victim: Nuuk, Grönland

On March 25, 2022, Greenland's Self-Rule Government (Naalakkersuisut) publicly disclosed a cybersecurity incident impacting Sullissivik's website and other public digital services. The breach originated from unauthorized access to one of the central administration's servers, prompting immediate containment measures. Authorities blocked all inbound and outbound communication traffic from these government servers to prevent further data exfiltration or system compromise. This network isolation was implemented as a precautionary measure while investigators assessed the scope and origin of the intrusion. The blockade remained active until at least the following Monday, with officials prioritizing the protection of central administration data repositories during forensic analysis. Technical teams worked to identify the vulnerability exploited in the breach, though specific details about the attack vector were not disclosed publicly.

The containment strategy caused widespread service disruptions across Greenland's public sector digital infrastructure. Citizens and businesses lost access to web services dependent on external data transfers, particularly those requiring NemID authentication, as Denmark-based validation servers became unreachable due to the communication blockade. Sullissivik.gl's login functionality was among the confirmed casualties, preventing users from accessing services tied to NemID verification. Other affected systems included unspecified government web solutions transmitting data outside Greenland's network perimeter. The Self-Rule Government acknowledged these disruptions as necessary collateral damage while containing the breach, emphasizing ongoing intensive remediation efforts. A status update was scheduled for Monday evening following the initial response period, though restoration timelines for individual services remained undefined at the time of reporting.