What preventive actions are being prepared or implemented following the cyber attack on the Agency for Administrative Modernization (AMA)?
The Liberal Initiative (IL) sent seven questions on Wednesday to Minister Margarida Balseiro Lopes regarding the ransomware attack that occurred on October 10.
Impact of the Cyber Attack
The incident made several digital platforms and services, including the gov.pt portal and the id.gov.pt app, preventively unavailable.
Read More About: PSP Police Has Started Nationwide Campaign In Schools Against Anti-bullying
Given that the attack put the personal data of millions of Portuguese citizens at risk and seriously affected critical services of the Public Administration, the party led by Rui Rocha is questioning the Minister of Youth and Modernization, who oversees the AMA.
Government Response and Restoration Timeline
The IL is asking what assessment has been made regarding the impact of the cyber attack and what conclusions have been drawn from it. The Government has announced that so far, there is no evidence of exfiltration of data related to the cyberattack on the Agency for Administrative Modernization (AMA).
In a statement, the Ministry of Youth and Modernization announced that they expect to fully restore the gov.pt portal by 11:59 PM on Thursday, October 17. They also reported that the resolution of the incident is progressing well and reassured the public that they currently see no indication of compromised personal data.
They are progressively providing updates on service restoration on the website.
Clarification Demanded by IL
In a document sent to the Minister of Youth and Modernization, the Liberal Initiative (IL) is seeking clarification from the Government on several key points regarding the recent cyberattack on the Agency for Administrative Modernization (AMA).
The party is asking whether there was any fraudulent encryption of data from entities or people, illegitimate access, or leakage of personal data. The Liberals are also inquiring about the adopted mitigation measures and the resolution measures the Government is currently taking in response to the attack.
Additionally, IL is requesting information on what support was provided to the affected entities and individuals.
Also Read: End Of Tolls From 1 January 2025 For Several Motorways Will Cost Portugal €180 million
The team working on resolving the ransomware attack is tirelessly restoring all services under appropriate security conditions, the Government assured. AMA is rigorously following the necessary procedures to restore systems safely, prioritizing the secure reestablishment of all affected services.
Cyberattack on AMA Incident Details
On October 10, a cyberattack targeted AMA’s infrastructure. The entity reported experiencing a disruption in its network due to ransomware, which led to the preventive unavailability of access to several digital platforms and services.
In view of this:
AMA immediately activated security protocols to respond to this type of attack with the competent national authorities in matters of cybercrime and cybersecurity, the Judicial Police and the National Cybersecurity Center (CNCS), respectively.
The following day, AMA worked closely with the relevant national authorities on cybercrime and cybersecurity to progressively and securely restore customer service at Citizens’ Shops, along with access to other digital platforms and services.
On the same date, October 11, AMA reported that:
The incident to the National Data Protection Commission (CNPD), complying with the legal deadline for notification up to 72 hours after the occurrence, by sending a report, which states the existence of a breach in its systems and the lack of knowledge of access or exfiltration of personal data.
Since that day, the team has implemented a set of preventive and corrective measures to ensure adequate security during the restoration of affected services. These measures will continue to be reinforced based on the results of the ongoing forensic analysis process.
Reassurance from the Ministry
The official statement released on October 14 indicates that:
After the risk reassessment by CNCS, AMA’s partner entities were informed that the measures implemented guarantee adequate security in the reestablishment of the affected services.
Furthermore, the ministry said:
We appreciate the understanding and collaboration of all citizens and partner entities to minimize the constraints caused during this period in the recovery and normalization of services.
