Sri Lanka Finance Ministry Hacked: $2.5 Million Stolen in Record Cyber Attack

Yesterday, cyber criminals breached the Sri Lankan finance ministry’s computer system. They successfully siphoned off $2.5 million. Consequently, this incident marks the largest cash theft by hackers from a state institution in the country. This cyber attack delivers a massive blow to Sri Lanka. Currently, the nation is still recovering from a crippling 2022 economic crisis. During that period, Colombo defaulted on its massive $46 billion external debt.

The hackers specifically targeted the Public Debt Management Office (PDMO). Initially, authorities detected an attempted breach of the ministry’s e-mail server. Upon immediate investigation, they discovered the missing $2.5 million. Originally, the government allocated this money as a scheduled debt repayment to Australia. Harshana Suriyapperuma, the finance ministry secretary, confirmed these details to reporters in the capital. As a direct result of the breach, the government suspended four senior PDMO officers.

Presently, criminal investigators are actively examining the cyber attack. Moreover, Sri Lankan authorities have officially requested assistance from foreign law enforcement agencies. Suriyapperuma declined to provide further details during this active probe.

Meanwhile, Australia is actively stepping in to help. Matthew Duckworth, Australia’s High Commissioner in Sri Lanka, addressed the situation on X. He confirmed that Canberra noticed the payment irregularities. Therefore, Australian officials are closely coordinating with and assisting Sri Lankan investigators. Furthermore, Duckworth reiterated Australia’s ongoing commitment to supporting Sri Lanka’s return to debt sustainability.

Interestingly, Sri Lanka only recently established the PDMO. The government launched this office earlier this year. This strategic move aligned directly with an IMF-backed $2.9 billion bailout loan secured in early 2023.

Ironically, this major government hack follows recent public warnings. Earlier this year, the central bank and the finance ministry launched a widespread advertising blitz in local newspapers. They actively warned citizens to avoid falling prey to cyber scams. Now, the state itself has suffered a record-breaking breach.

CybersecurityIs China the First Country to Regulate AI Avatars & Deepfake Use? Here’s What We KnowBy Abdul Wasay|3 days ago|3 min readChina’s Cyberspace Administration has issued comprehensive draft regulations governing AI-generated “digital humans,” requiring prominent labeling, explicit consent for using personal likenesses, and special protections for.

CybersecurityRussia Proposes Cybersecurity Partnership to Protect Pakistan’s Energy InfrastructureBy Abdul Wasay|4 days ago|4 min readRussia has offered to cooperate with Pakistan in strengthening cyber protection of energy infrastructure amid rising global concerns over cyber threats targeting critical utilities, with.

CybersecurityGoogle Maps Spam Fight Blocks Millions Of Policy ViolationsBy Abdul Wasay|6 days ago|3 min readGoogle blocked or removed over 292 million policy-violating reviews and eliminated more than 13 million fake business profiles on Google Maps in 2025, according to.