Sri Lanka Finance Ministry Hacked – $2.5 Million Stolen

"Sri Lanka probes cyber breach at finance ministry system" – Xinhua, April 23, 2026

This is a shocking story. Hackers gained unauthorized access to a computer system at Sri Lanka's Department of External Resources – a division of the country's Finance Ministry .

The breach was first identified when officials spotted a suspicious foreign currency transaction in January 2026. But the full scale of the theft is only now becoming clear .

How Much Was Stolen?

According to opposition politicians and local media reports, approximately $2.5 million of treasury funds was stolen .

Here is how it happened:

In September 2025, Sri Lanka was due to pay USD 22.9 million to a creditor in Australia. Between December 2025 and January 31, 2026, a partial payment of USD 2.5 million was made. But instead of reaching the correct creditor, the money landed in a hacker's account .

Who Is Responsible?

The investigation is ongoing. The authorities have informed:

• The Sri Lanka Computer Emergency Readiness Team
• The Computer Crime Investigation Division of the police
• The Criminal Investigation Department
• The Financial Intelligence Unit of the Central Bank 

Disciplinary action has already been initiated against several officials .

The Government's Response

The Ministry of Finance has said that arrangements "may be made with foreign jurisdictions under existing agreements" to pursue the hackers across international borders .

Why This Matters for You

If a country's Finance Ministry can be hacked and have millions stolen, no organization is completely safe. This shows that government systems – which handle everything from tax payments to public funds – are vulnerable.

For individuals, this is a reminder: even "official" and "government" channels can be compromised. Always verify payment instructions, especially for large transactions.

Step-by-Step Solutions

Step 1: Never trust payment instructions sent by email alone. If you receive a notice to change payment details, verify through a separate channel (phone call to a known number, not the one in the email).

Step 2: For large payments, use multiple verification methods. Confirm account numbers and beneficiary details through at least two different communication channels.

Step 3: Check your bank statements regularly. The suspicious transaction in Sri Lanka was identified in January – look at your own accounts for anything unusual.

Step 4: Report suspicious activity immediately. The faster you report, the better the chance of recovery.

Step 5: Be aware that government systems can be hacked. Do not assume "official" means "secure."