Puerto Rico’s Department of Transportation Investigating Cyberattack

Key facts: pr.gov cyberattack

• Unauthorized access identified: March 23, 2026.
• Target entity: Puerto Rico’s Department of Transportation (pr.gov).
• Data types: Not yet confirmed; potentially includes driver’s license numbers, permits, and vehicle registration details.
• Severity: High; the attack targeted government infrastructure responsible for personal identification and vehicle records.

What happened in the pr.gov cyberattack?

Puerto Rico’s Department of Transportation (pr.gov) disclosed a cyberattack that was publicly reported on March 25, 2026. The incident, which was discovered on March 23, 2026, led to the immediate disconnection of all department systems to contain the threat. No specific threat actor has been named at this time, but the Puerto Rico Innovation and Technology Service (PRITS) is currently collaborating with the department to restore systems and conduct technical tests.

The agency responsible for driver’s licenses, permits, and vehicle registrations (CESCO) has suspended all services and canceled upcoming appointments while the investigation continues. Government reports indicate that the attack was successfully stopped and that there is currently no evidence of data theft. However, high-severity incidents involving government infrastructure often carry risks of unauthorized access to personal identification documents. Although data theft is not yet confirmed, similar incidents often result in the exposure of sensitive citizen information.

Who is behind the incident?

The attacker or cause of the incident has not been identified.

Impact and risks for pr.gov customers

For citizens who utilize pr.gov services, the primary risk involves potential service disruption and the possibility that sensitive personal information—such as driver’s license numbers or registration details—could be compromised. Even if no data theft is confirmed, such attacks can lead to credential abuse or targeted phishing campaigns aimed at government employees and residents. Individuals should remain cautious regarding unsolicited communications requesting personal details or claiming to be from government agencies.

Government-targeted cyberattacks typically result in prolonged downtime and administrative hurdles for the public. To mitigate risks, residents should monitor their accounts for suspicious activity and consider identity theft protection services. Maintaining transparency regarding the investigation helps build public trust and ensures that affected parties can take timely protective actions.

How to protect against similar security incidents

Residents who interact with pr.gov for licensing and registration should take steps to secure their personal information following this high-severity cyberattack.

• ‍Monitor personal and financial accounts. Regularly check for unauthorized activity or suspicious transactions. Be vigilant for phishing emails or texts that reference Puerto Rico government services.‍
• Implement phishing-resistant MFA. Enable multi-factor authentication on all sensitive accounts. Use hardware keys or authenticator apps rather than SMS-based codes where possible.‍
• Use identity theft protection services. Consider enrolling in credit monitoring to detect potential misuse of personal data. Report any suspected identity fraud to local authorities immediately.‍
• Maintain continuous attack surface monitoring. Deploy solutions to identify and remediate vulnerabilities across the digital footprint. Implement real-time monitoring to detect unauthorized access attempts promptly.

Taking proactive steps now can significantly reduce the potential impact of data exposure.

Frequently asked questions

What happened in the pr.gov security incident?

On March 25, 2026, pr.gov (pr.gov) disclosed a security incident. According to initial reports, Puerto Rico’s Department of Transportation canceled all upcoming appointments at the agency responsible for driver’s licenses, permits, and vehicle registrations due to a cyberattack discovered on March 23, 2026.

When did the pr.gov cyberattack occur?

The pr.gov cyberattackwas publicly reported on March 25, 2026. The exact date of the attack has not been disclosed.

What data was exposed?

The types of data involved in the pr.gov incident have not been disclosed. This page will be updated as verified information becomes available.

Is my personal information at risk?

If you interacted with pr.gov, there's a possibility your personal information could be affected. Similar incidents often involve email addresses, login details, or financial records. Stay alert for updates and take precautionary measures to secure your accounts.

How can I protect myself after a cyberattack?

• Change passwords for accounts linked to government services.
• Enable multi-factor authentication (MFA) where available.
• Monitor financial accounts for unauthorized activity.
• Be wary of phishing attempts via email or text.
• Use breach monitoring tools to track your data.

What steps should companies take after being breached?

In response to the incident, the organization may secure systems, notify affected parties, provide guidance on protective actions, review security measures, and deploy attack surface management.

This cybersecurity news article is powered by UpGuard Breach Risk — continuous attack surface monitoring for your organisation and supply chain.