What happened
Puerto Rico government agency cancels driver’s license appointments after a cyberattack forced officials to disconnect transportation systems tied to licensing, permits, and vehicle registrations. Government officials announced the incident on Tuesday and said on Wednesday that the Puerto Rico Innovation and Technology Service is working with the Department of Transportation to restore affected systems. Poincaré Díaz, executive director of PRITS, said the cyberattack was discovered on Monday, after which all of the Department of Transportation’s systems were disconnected. He said incident response protocols were activated once the attack was detected by a security monitoring system. Officials also said the attack “was stopped” and that there is no evidence data was stolen. As a result, Centros de Servicios al Conductor (CESCO) canceled all appointments while technical testing continues before services are restored.
Who is affected
The direct impact falls on people in Puerto Rico with upcoming appointments at CESCO, the agency responsible for driver’s licenses, permits, and vehicle registrations. The disruption also affects the transportation agency’s service operations while systems remain disconnected and restoration work continues.
Why CISOs should care
This incident has immediate operational significance because a cyberattack led to the disconnection of government transportation systems and the suspension of public-facing services. It also highlights the business and governance pressure that follows when agencies must verify system integrity before restoring essential services.
3 practical actions
- Confirm restoration thresholds: Ensure technical and business leaders agree on the exact integrity checks required before public-facing services are brought back online.
- Test service continuity for agency shutdowns: Validate whether key citizen services can continue when core departmental systems must be disconnected after a cyber incident.
- Align communications with operational reality: Keep public updates tightly coordinated with incident response and restoration testing so affected users understand which services remain unavailable and why.
For more coverage of major incidents and threat activity, explore our reporting on Cyberattacks.