The Pensions Department of Sri Lanka has come under scrutiny following claims that it was targeted by the notorious Cloak ransomware group, with a significant volume of data allegedly leaked onto the dark web.
Cybersecurity threat monitoring platform FalconFeeds.io revealed via its official X (formerly Twitter) account that the Pensions Department suffered two incidents of unauthorised access, first on April 2 and again on May 26.
The latest breach reportedly resulted in the release of 617 gigabytes of internal data.
However, the Pensions Department has maintained that there was no loss of data or disruption to public services following a cyber-attack in early April.
In its earlier statement, the Department confirmed that IT systems were in the process of being restored and that pension services remained unaffected.
The Cloak ransomware group, identified by FalconFeeds.io as the actor behind the breaches, is known for its method of encrypting critical data and demanding ransom payments in exchange for decryption keys or to prevent public exposure of stolen files. The group has previously targeted organisations across various sectors globally.
This incident could represent one of the most significant cyber breaches of a public institution in Sri Lanka in recent times, raising concerns over the robustness of government cybersecurity infrastructure and the protection of sensitive citizen data.
Leave a comment