A fresh cybersecurity concern has emerged within Sri Lanka’s financial administration, with reports indicating that sensitive documents linked to a future French loan repayment have gone missing from the Ministry of Finance’s computer systems. Investigators suspect the incident may be connected to the same network of hackers believed to be behind the recent misdirection of USD 2.5 million in Treasury funds.
Preliminary findings suggest that the missing files are directly related to a scheduled repayment obligation to a French lender. Their disappearance has raised alarm among officials, who fear the data may have been accessed—or deliberately removed—as part of preparations for a further fraudulent transaction. The possibility that critical financial information could be exploited in advance of another breach has intensified scrutiny of internal systems and protocols.
The investigation is currently being led by a specialized cyberforensic unit of the Criminal Investigation Department (CID), which has begun a detailed examination of the Ministry’s digital infrastructure. Authorities are attempting to determine whether the breach resulted from external intrusion, internal compromise, or a combination of both.
As part of the ongoing probe, CID officers have reportedly taken custody of electronic devices used by staff of the External Resources Department. These include laptops, mobile phones, and SIM cards belonging to personnel who were also involved in handling the earlier USD 2.5 million debt repayment transaction to Australia. That incident, in which funds were mistakenly transferred into a fraudulent account, remains under active investigation and is now seen as potentially linked to the current development.
The convergence of these incidents has raised serious concerns about the resilience of Sri Lanka’s financial management systems, particularly in relation to external debt servicing. With multiple repayment obligations scheduled in the coming months, officials face mounting pressure to ensure that safeguards are strengthened and vulnerabilities addressed before further damage can occur.
Authorities have yet to issue an official statement detailing the scope of the breach or confirming whether any financial loss has occurred in this latest incident. However, the developments underscore the growing importance of cybersecurity within public finance, as governments increasingly rely on digital systems to manage complex international transactions.
Leave a comment