Deputy Minister of Digital Economy Eranga Weeraratne yesterday assured Parliament that no government or citizen data was compromised following the unexpected collapse of the Lanka Government Cloud (LGC) on October 14, 2025.
“All sensitive citizen and institutional data remain fully intact,” the Minister emphasized, confirming that the National Cyber Security Operations Centre (NCSOC) had monitored the incident in real time and detected no unauthorized access or breach attempts.
The assurance came amid questioning from MP Ravi Karunanayake of the New Democratic Front, who sought clarity on the cause of the failure, accountability, and the government’s readiness to avoid similar disruptions in future.
Minister Weeraratne explained that the failure was not the result of a cyberattack but a technical fault caused by a storage disk reaching 100% utilisation, triggering an automatic shutdown protocol. This mechanism, he said, is a built-in safety feature designed to protect data integrity and prevent corruption.
“This was not a system-wide failure but a controlled shutdown,” Weeraratne clarified. “Services were restored by Saturday night, after comprehensive validation to ensure all data remained secure.”
Karunanayake pressed for transparency, urging the government to table a cybersecurity audit report and outline measures to rebuild confidence in the country’s digital infrastructure.
In response, Weeraratne unveiled a broad national cybersecurity strategy aimed at strengthening resilience and governance. Key measures include:
Full implementation of the national cybersecurity policy and mandatory penetration testing across government institutions.Identification of Critical Information Infrastructure (CII) in key sectors such as finance, health, and energy.
Establishment of a Cybersecurity Regulatory Authority (CSRA) with statutory enforcement powers.Ratification of the UN Cybercrime Convention to boost international cooperation.
Enhanced coordination with Sri Lanka CERT, TRCSL, CBSL, and licensed banks to combat phishing and digital fraud.
Karunanayake also proposed creating a National Cybersecurity Command Authority to centralize monitoring and emergency response. The Minister confirmed that cabinet approval processes are already underway to establish such a body under new legislation.
