CT emissions tests still halted after malware attack on DMV provider
While some of its eight programs affected by a hacking incident have gone back online, a company official said Thursday that Applus Technologies continues to work with the Connecticut Department of Motor Vehicles “to get their program up and running safely and securely as quickly as we can.”
Following an attempted malware attack, some of Applus’ programs were halted. In Connecticut, that affected the state DMV’s ability to offer emissions testing services.
Dennis Palmer, the vice president of corporate development for Applus Technologies, said the process to go live involves three stages: The remediation process, the restoration process — which is the one they’re currently in — and after that, “the go live phase.”
“Once we’ve completed phase 2, the restoration, we’ll do some testing to make sure it’s safe and secure,” he said. “That’s our primary concern right now is to make sure everything is safe and secure before we go live.”
The company hopes “to have some information shortly” in terms of a “little bit more definitive timeline,” he added.
Shaun Formica, state DMV communications director, wrote in an email that procedures were altered last week “to allow customers to register vehicles regardless of vehicle emissions test status.”
“Emissions testing requirements will need to be met at a later time,” Formica wrote. “DMV will provide information to customers when the system is back online.”
Additionally, dealerships have been given the option to give 30-day registrations to those buying vehicles there, according to Formica. And when the system goes live again, “[p]ermanent registrations will be
issued,” Formica wrote.
Formica also wrote that the agency had “notified law enforcement last week to ask for their cooperation to not cite those with an expired emissions test during this outage.”
As far as whether anyone’s information was compromised, Palmer said they’re “still looking at that,” but there wasn’t any evidence of it right now. A recommendation from the company for people to “check their personal information” came “out of an abundance of caution,” he said.
“That statement was made not because there was anything in particular or specific we identified, it’s
just good practice,” he said.
The company had told customers in a Q&A to “monitor your financial accounts for any unauthorized activity and alert authorities and your bank if you see anything unusual.”
Regarding the cyberattack, Palmer said it involved sophisticated malware, and they believed the incident was a crime.
“So we turned the information over to the FBI,” he said.
The Federal Bureau of Investigation didn’t say whether the agency was investigating the incident.