Rio Preto City Hall Employees Fired After Six-Day Hacker Attack
The Municipal Company of Technology and Information (Empro) has dismissed two public servants for just cause following an administrative investigation into a cyberattack that paralyzed the systems of the São José do Rio Preto City Hall for six days in 2025. The cyber intrusion compromised municipal administration services, leading the Public Prosecutor's Office (MP) to indict three suspected servers. The dismissals of Fernando Peres Pinheiro and Felipe Ponchio Garcia were published in the Official Gazette and signed by Empro's director-president, Marco Antonio da Silva Rodrigues. Empro stated that the administrative decision was based on irregularities found in the disciplinary process, including the exercise of business activities competitive with Empro and the misuse of company resources and information. The MP's indictment charges the individuals with criminal association, qualified computer device intrusion, and inserting false data into an information system. The case is under judicial seal. During the attack, hackers demanded R$500,000 in cryptocurrency to restore access to the city's computer network. The three indicted individuals were targets of "Operation Caim" by the Civil Police. Two were temporarily arrested in October 2025 but later released under provisional liberty with cautionary measures, including maintaining an updated address, monthly court appearances, and restrictions on leaving the city or moving in certain areas. Two of the investigated individuals were Empro employees; one had been on unpaid leave for two years to start a private company. The Civil Police seized electronic equipment and cell phones during the operation.
This event highlights the critical intersection of public service, private enterprise, and cybersecurity. The administrative disciplinary process and subsequent dismissals demonstrate a response to alleged misconduct, specifically the conflict of interest and misuse of public resources. The criminal charges filed by the Public Prosecutor's Office indicate a broader legal framework being applied to address the severity of the cyberattack. Moving forward, such incidents underscore the need for robust internal controls, continuous security monitoring, and clear ethical guidelines for public sector employees, particularly those in technology-dependent roles. The potential for future vulnerabilities in municipal systems necessitates a proactive approach to cybersecurity, including regular audits and employee training, to safeguard essential public services against evolving threats in the digital age.
AI-generated to prompt reflection — not editorial opinion, not advice, not a statement of fact. How this works.