Cyberattack brings down Vodafone Portugal mobile, voice, and TV services
Image: Jordi Moncasi
Catalin Cimpanu February 8, 2022

Cyberattack brings down Vodafone Portugal mobile, voice, and TV services

Cyberattack brings down Vodafone Portugal mobile, voice, and TV services

Vodafone Portugal said today that a large chunk of its customer data services went offline overnight following “a deliberate and malicious cyberattack intended to cause damage and disruption.”

The company’s 4G and 5G mobile networks, along with fixed voice, television, SMS, and voice/digital answering services are still offline following the attack.

“We have already recovered mobile voice services and mobile data services are available exclusively on the 3G network in almost the entire country but, unfortunately, the scale and seriousness of the criminal act to which we were subjected implies careful and prolonged work for all other services,” the company said in a statement published earlier today.

Vodafone said it’s working on restoring the remaining services throughout the day, with the help of local and international teams in what currently is the largest cybersecurity incident the company has ever dealt with.

The company also said it’s working with authorities to investigate the incident and that based on current evidence, customer data doesn’t appear to have been accessed or compromised.

Although despite the presence of some rumors online, Vodafone Portugal has not attributed the ongoing incident to a ransomware attack.

These rumors are currently making waves online because over the past month, a ransomware gang had extorted Impresa and Cofina, two of Portugal’s largest news media outlets. The Lapsus$ ransomware gang, which was behind the two attacks, has not taken credit for the Vodafone Portugal outage on any of its online accounts.

Contacted via LinkedIn, a Vodafone Portugal employee said they were only aware of the technical outage and were not aware of the company’s press release attributing the outage to a cyberattack, suggesting details about what happened on the night between February 7 and February 8 have yet to uncovered or shared internally.

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.