Invasion of government system embezzles at least R$3.5 million | Brazil

The government identified a diversion of R$3.5 million in resources from the Ministry of Management and Innovation in Public Resources, of which R$2 million was recovered, after the invasion of the Integrated Financial Administration System (Siafi) — used by the government to pay creditors, send transfers to states and municipalities and transfer the salaries of public servants.

The information was published by the newspaper ‘Folha de S.Paulo’ and confirmed by Estadão. The diversion occurred on April 5th. Later, there was a second attempt at movement, which totaled R$9 million, from the same ministry. This time, however, the attack was thwarted. The case is investigated by the Federal Police and the Brazilian Intelligence Agency (Abin).

There is still no confirmation whether public servants or other people were involved in the crime. Other amounts may have been diverted from other ministries. According to the National Treasury Secretariat, the security of the system is preserved.

As Estadão found, the government identified that the fraud occurred by changing the bank details of the supplier who was supposed to receive the money from the government. By identifying the movement, the ministry was able to recover R$2 million because the money had not yet left the recipient’s bank account. The rest ended up being withdrawn or transferred.

SMS messages

It is also known that government employees received a suspicious message on their cell phones attempting to steal data from Siafi. The text contained the name, the person’s CPF and a link to update data, which was fraudulent: “SIAFI: (user name) We inform you that from 04/08 the use of the digital certificate will be mandatory”, said the message , followed by a link and the employee’s CPF.

All Union money needs to be registered on the platform. Only authorized people in each body are authorized to access the system. An even more restricted number can make payment orders, transferring resources from the Treasury to the bank accounts of those who will receive it.

On April 9, government employees were warned about the fraudulent message and warned not to click on the link — and that, if they had clicked or provided the data, they should immediately change the access password and report the case to the National Treasury. When contacted by Estadão, the organization did not comment on the message.

After the suspicion, the government changed the rules for accessing the system. Previously, users had a password or could log in using the gov.br platform, a single access method for various public services. Financial managers and expense managers of Union bodies — that is, those responsible for directly authorizing payments — also needed to have a digital certificate to move resources.

Now, this certificate must necessarily be issued by Serpro, the federal government’s intelligence company, and cannot be provided by other private companies that also issue digital signatures — which was previously accepted.

Asked this Monday (22) about the invasion, the Minister of Finance, Fernando Haddad, said that one of the suspects had already been identified.