Portugal's Internet and Phone Networks Caught in Power Grid Crisis: What You Need to Know

The Portugal Communications Authority (ANACOM), in its 2025 annual report published in April 2026, recorded 87 security incidents across the country's telecommunications networks, marking a 6% uptick from the previous year and underscoring persistent vulnerabilities in the nation's digital infrastructure—particularly its acute dependence on stable electricity supply.

Why This Matters

• Service disruption risk remains high: Fixed-line telephone and internet services bore the brunt, accounting for 59% of all incidents—directly affecting remote workers, businesses, and emergency communications.

• One catastrophic event skewed the numbers: The April 28 blackout alone impacted 14.6 million subscriber connections, compared to just 1.9 million affected across all of 2024.

• External factors dominate: Over 77% of incidents in the past decade stemmed from causes outside the telecom sector's control, such as power cuts, natural disasters, and third-party infrastructure failures.

• Public information often lacking: Despite regulatory obligations, only 21 of the 87 incidents triggered official public notifications—raising questions about transparency.

April's Cascade Failure Exposed Grid Fragilities

The telecommunications breakdown on April 28, 2025, was a direct consequence of the Iberian Peninsula power outage that began at 11:33 a.m. Lisbon time. The cascade originated in Spain due to voltage oscillations that Portuguese grid operators learned about only after the collapse crossed the border—a six-second delay that left the Portugal National Electricity Transmission Network (REN) with insufficient time to implement protective measures.

According to the final investigation report released by ENTSO-E (the European Network of Transmission System Operators for Electricity) in March 2026 after an 11-month technical inquiry, the blackout resulted from a lethal combination: insufficient synchronous generation with dynamic voltage control, inadequate reactive power management, divergent regulatory practices between Spain and Portugal, and rapid shutdowns of renewable generation facilities in Spain. This triggered overvoltage surges in cascade, knocking out renewable plants across the peninsula and plunging millions into darkness for up to 12 hours.

Environment and Energy Minister Maria da Graça Carvalho confirmed in April 2026 that the fault originated on Spanish territory, with no advance warning transmitted to Portuguese authorities. The incident resulted in at least one death in Portugal and seven in Spain, alongside widespread disruption to metro systems, traffic signals, ATMs, hospital backup power, and the Portugal Tax Authority's online portal.

What This Means for Residents and Businesses

For anyone living or operating in Portugal, the findings paint a clear picture: your connectivity is only as resilient as the electricity grid feeding it. Major Portuguese telecom operators, including Vodafone Portugal, MEO, and NOS, responded by accelerating investments in backup generators and extended battery autonomy at base stations—a lesson learned the hard way when mobile networks went dark alongside the grid.

The telecommunications sector is not yet classified as critical infrastructure in Portugal, which means telecom operators do not receive priority during electricity restoration. Advocacy groups and industry bodies continue to push for this designation, which would legally guarantee faster power reconnection and unlock additional funding for resilience upgrades.

If you rely on fixed internet for remote work, telemedicine consultations, or business operations, consider investing in uninterruptible power supplies (UPS) and mobile data backup plans. The average incident duration dropped from 57 hours in 2024 to 37 hours in 2025, but that still represents more than a day and a half offline during critical outages.

The Regulatory Response and Operator Obligations

ANACOM's Regulation No. 303/2019, in force since April 1, 2019, mandates that telecom operators notify the regulator of significant security breaches, maintain continuity plans, and conduct regular audits and drills. Article 23 requires operators to inform the public during high-impact incidents—yet compliance remains patchy.

The Decree-Law No. 22/2025, which transposes the European Directive on the Resilience of Critical Entities, further tightened the rules. Operators must now demonstrate business continuity capabilities for essential services, including redundant routing (fiber optic rings), reserve power at cell towers, and coordination protocols with energy providers.

ANACOM's Center for Incident Reporting (CRN) received notifications concentrated in the first and second quarters of 2025, with the second quarter seeing the highest volume. However, the distribution has become more uniform throughout the year compared to prior periods—a sign that incident patterns are shifting or reporting practices are improving.

Breakdown of Incident Causes and Affected Services

External dependencies remain the Achilles' heel. In 2025, nearly 98% of incidents traced back to four root causes:

Third-party service failures (primarily electricity cuts)

Natural phenomena and accidents (storms, floods, equipment struck by lightning)

Malicious attacks (cyberattacks, physical sabotage)

Hardware and software malfunctions (including planned maintenance windows that overran)

Subscription TV services came in second at 46% of incidents, often bundled with internet and telephone on the same infrastructure. The cascading nature of modern networks means a single fiber cut or power loss can simultaneously knock out voice, data, and video services for thousands of households.

Of the 87 incidents, five had nationwide reach, while the remainder concentrated in specific districts across mainland Portugal. Total downtime amounted to 2,412 hours in 2025, down slightly from 2,570 hours in 2024—but the subscriber impact exploded 7.7-fold, driven almost entirely by the April blackout.

Europe's Broader Cyber Landscape

Portugal's 87 incidents exist within a much larger European threat environment. The EU Agency for Cybersecurity (ENISA) catalogued nearly 4,900 cybersecurity incidents across all sectors between July 2024 and June 2025, with distributed denial-of-service (DDoS) attacks accounting for 77% of reported events. Telecom networks faced an average of 2,612 cyberattacks per organization per week in the second quarter of 2025—a 38% year-on-year surge.

While ANACOM's data emphasizes physical infrastructure failures and power dependency, European-level reporting highlights state-aligned espionage, ransomware, and data breaches involving customer records sold on dark web markets. The divergence reflects different reporting methodologies: ANACOM tracks operational disruptions with significant public impact, whereas ENISA focuses on deliberate cyber threats.

Investment and Future Resilience Measures

Telecom operators and energy authorities are implementing critical upgrades to fortify infrastructure:

• Cell Broadcast public alert systems, enabling mass emergency notifications even when internet and voice networks are congested

• Fiber optic ring architectures with multiple redundant paths

• Multi-site generator deployment by major mobile operators

• Enhanced coordination protocols between REN, ANACOM, and telecom operators

Investment programs by major operators like Vodafone serve as industry benchmarks for post-blackout resilience improvements, though smaller regional providers may lack the capital for equivalent upgrades. The Portugal Recovery and Resilience Plan (PRR) includes a dedicated pillar for critical infrastructure modernization, risk monitoring systems, and strategic reserves—though telecom resilience competes for funding with healthcare, water utilities, and transportation networks.

Diagonal Reading Summary

Portugal's telecom networks weathered 87 security incidents in 2025, a modest 6% increase that masks a dramatic 7.7-fold spike in affected subscribers due to the April 28 blackout. Over three-quarters of disruptions trace to external dependencies—chiefly electricity supply—rather than telecom-specific failures. While average downtime per incident improved, the lack of critical infrastructure status delays restoration priority during national emergencies. Regulatory frameworks are tightening, and operators are investing in backup power and redundant routing, but foreign residents and businesses should maintain contingency plans for multi-day connectivity outages. The nationwide incidents in 2025 serve as a stress test for Portugal's digital economy, revealing both the fragility of cross-border grid dependencies and the urgent need for legally mandated resilience standards.