Sri Lankan Finance Ministry Hit by $3.7 Million Cyber Heist Targeting Debt Payments
The Sri Lankan government has confirmed a cyber attack on its Finance Ministry, resulting in the theft of over $3.7 million the largest sum ever stolen by hackers from a Sri Lankan state institution. The funds, earmarked for debt repayments to Australia, were diverted after attackers breached the ministry’s email servers and computer systems.
Australian High Commissioner to Sri Lanka, Matthew Duckworth, acknowledged the incident, stating that both governments were aware of "irregularities" in the payments. While Sri Lankan authorities have not disclosed the nature of the attack or identified the perpetrators, Finance Ministry Secretary Harshana Suriyapperuma revealed that hackers altered payment details to redirect the funds.
The Criminal Investigation Department (CID) and the Financial Intelligence Unit of the Central Bank of Sri Lanka have been notified, and a formal investigation led by a committee including two deputy Treasury secretaries has been launched. The breach was discovered after officials detected unauthorized access to the ministry’s email servers.
Sri Lanka, still recovering from its 2022 economic crisis and default on $46 billion in external debt, remains under scrutiny as authorities work with Australian officials to trace the stolen funds. Australia has reaffirmed its commitment to supporting Sri Lanka’s debt sustainability efforts amid the ongoing probe.
Sri Lankan Finance Ministry TPRM report: https://www.rankiteo.com/company/central-bank-of-sri-lanka
"id": "cen1777012143",
"linkid": "central-bank-of-sri-lanka",
"type": "Cyber Attack",
"date": "4/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Public Sector/Finance',
'location': 'Sri Lanka',
'name': 'Ministry of Finance, Sri Lanka',
'type': 'Government'}],
'attack_vector': 'Email server breach, unauthorized access to computer '
'systems',
'data_breach': {'sensitivity_of_data': 'High (financial transactions)',
'type_of_data_compromised': 'Payment details'},
'description': 'The Sri Lankan government confirmed a cyber attack on its '
'Finance Ministry, resulting in the theft of over $3.7 '
'million, the largest sum ever stolen by hackers from a Sri '
'Lankan state institution. The funds, earmarked for debt '
'repayments to Australia, were diverted after attackers '
'breached the ministry’s email servers and computer systems.',
'impact': {'brand_reputation_impact': "Negative impact on Sri Lanka's "
'financial credibility',
'financial_loss': '$3.7 million',
'operational_impact': 'Unauthorized alteration of payment details',
'payment_information_risk': 'Payment details altered',
'systems_affected': 'Email servers, computer systems'},
'initial_access_broker': {'entry_point': 'Email servers',
'high_value_targets': 'Debt payment details'},
'investigation_status': 'Ongoing (led by a committee including two deputy '
'Treasury secretaries)',
'motivation': 'Financial gain',
'post_incident_analysis': {'root_causes': 'Unauthorized access to email '
'servers and computer systems'},
'references': [{'source': 'Australian High Commissioner to Sri Lanka, Matthew '
'Duckworth'}],
'regulatory_compliance': {'regulatory_notifications': 'Central Bank of Sri '
'Lanka notified'},
'response': {'law_enforcement_notified': 'Criminal Investigation Department '
'(CID), Financial Intelligence Unit '
'of the Central Bank of Sri Lanka',
'recovery_measures': 'Tracing stolen funds with Australian '
'officials'},
'title': 'Sri Lankan Finance Ministry Hit by $3.7 Million Cyber Heist '
'Targeting Debt Payments',
'type': 'Cyber Heist'}