On April 14, Luke Nacei reported:
A cyber attack resulted in disruptions to some of Government’s online services and networks, including GovNet, on Monday.
Attorney-General and Minister for Communications Aiyaz Sayed-Khaiyum said as a measure of extreme precaution, advice had been disseminated across Government to protect network integrity resulting in a temporary disruption to the government network.
“Fiji has developed its cybersecurity infrastructure in line with international best practices and that has allowed us to respond effectively to past cybersecurity incidents and quickly manage the impact of this incident.”
Read more on The Fiji Times.
Prior to that report, on April 12, FijiVillage on Facebook had noted the disrupted services:
“Some Fijian GovNet sites are down including the COVID-19 vaccination registration site. #FijiNews #TeamFiji #Fiji”
Now threat actors known as Sodinokibi (REvil) have added Fiji GovNet Fiji to their dedicated leak site of victims with a message:
Hello! here some files screenshots owned by government administration of fiji. In case if victim will not get in touch the files will be public
The message is accompanied by numerous screencaps of files allegedly taken from the government’s server. As they often do, the threat actors include screencaps of directories of files as well as screencaps of some actual files. DataBreaches.net is not reproducing them here.
It is not clear from available news coverage whether the COVID vaccination registration is still impacted or if that is now functional again, but looking at the web site, it appears to back online.
DataBreaches.net will update as more information becomes available.
Reporting by Chum1ng0; some additional material by Dissent.