Cyber Incident Victim: Câmara de Chaves

On November 13, 2024, during the early hours of Wednesday, the Câmara de Chaves municipality in Portugal’s Vila Real district experienced a malicious cyberattack that severely disrupted normal municipal operations. The attack compromised the municipality’s computer systems and communications infrastructure, leading to a complete loss of access to digital services. In response, the municipality activated pre-established internal security protocols and formally notified relevant authorities, including Portugal’s National Cybersecurity Center (Centro Nacional de Cibersegurança) and the Judicial Police (Polícia Judiciária), both of which are actively monitoring the incident. The attack’s immediate consequences included the suspension of all municipal services reliant on IT systems, rendering the municipality unable to provide standard public assistance or maintain routine administrative functions. No specific details about the attack vector, perpetrator, or data compromise were disclosed in the initial statement.

Municipal technicians, alongside an external specialized entity, are currently assessing the full scope and severity of the breach to determine its operational and technical ramifications. Restoration efforts are underway in coordination with cybersecurity authorities, though the municipality has not provided a projected timeline for service recovery, citing the complexity of the incident. The disruption has significantly impacted citizen-facing operations, prompting a public apology from the municipality for the inconvenience and a request for public understanding. Regular updates on recovery progress are promised, but as of the latest communication, critical systems remain offline with no indication of when normal operations will resume. The incident underscores the ongoing vulnerability of local government infrastructure to cyber threats and the challenges in rapid response and remediation.