Massive Ransomware Attack on SriLanka Wipes Out Months of Data

The Information and Communication Technology Agency (ICTA) has officially confirmed a severe data loss incident that has had a far-reaching impact on all government offices using the “” email domain.

The Information and Communication Technology Agency is the lead agency in Sri Lanka for implementing information and communications technology initiatives by the Government of Sri Lanka. 


It was established to develop the economy of Sri Lanka through ICT.

The Director for Strategic Communications at ICTA issued a notice confirming the unfortunate incident, which affected several government offices relying on the “” email domain, including the Cabinet Office. 

Ransomware Attack Notice
Ransomware Attack Notice

The data loss is believed to have been caused by a large-scale ransomware attack that occurred between May 17th and August 26th.

Approximately 5,000 email addresses fell victim to this ransomware attack, according to ICTA’s report. 

What makes this situation even more distressing is the revelation that there was neither an offline nor an online backup system in place for a critical period of two months. 

As a result, several emails lost due to the attack are now deemed irrecoverable.

In response to this alarming incident, ICTA has taken immediate action. 

They have decided to implement a daily offline backup process to prevent such devastating data losses in the future. 

The relevant application processes will also be upgraded to the latest versions, bolstering defenses against virus attacks to enhance the overall cybersecurity infrastructure.

Efforts to recover the lost data are currently underway, with both ICTA and the Sri Lanka Computer Emergency Readiness Team (SLCERT) working diligently to address the aftermath of this ransomware attack.

Meanwhile, SLCERT has issued a public warning about a phishing scam that specifically targets Sri Lankan nationals.

Ransomware Attack Notice
Ransomware Attack Notice

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.