The company that provides services to the state Department of Motor Vehicles is warning customers to “monitor your financial accounts” after its system was hacked, causing its programs to still be suspended more than a week later in eight states, including Connecticut.
The company, Applus Technologies, said it learned of an attempted malware attack around 5:30 a.m. March 30. The company said it shut down its programs, affecting services in eight states.
Applus said it has enlisted the help of computer forensic experts to help analyze the recent attack. The experts will also restore the company’s IT environment to allow for service restoration — although it’s still not clear when that will happen.
The Connecticut Department of Motor Vehicles said its emissions testing program has been down statewide since last week.
In response to the service outage, the agency said Tuesday afternoon it has adjusted its procedures to allow new vehicle registrations to proceed without an emissions test. The DMV is allowing dealerships to give new cars 30-day registrations while the outage is in effect.
“Permanent registrations will be issued once the system is back online,” DMV spokesperson Shaun Formica said.
The agency also asked law enforcement officials last week not to ticket drivers with expired emissions tests during the outage.
Formica said emissions tests will still be required in the future, and said the agency will let motorists know when emissions testing is open once again.
Applus said it does not yet have a timeline for when services will get back online.
“As of this date, there is no timeline,” Applus said in a statement on Tuesday. “Once the system is cleaned, there is a thorough testing process ... before we can safely take the system live.”
Applus said the computer forensic experts are working to “determine the scope of the attack and whether or not any personal information has been compromised.”
“Unfortunately, these investigations take time,” the company said. “We recommend that you monitor your financial accounts for any unauthorized activity and alert authorities and your bank if you see anything unusual.”
Applus said it wants to make sure “every component of the program” is free of malware, thoroughly tested and operating normally before the system goes back online.
Once the investigation is complete, the company said it will provide an update on the results of the forensic analysis.
Applus said it will also install additional security measures to prevent an attack like this from happening again.
The attack last week was the second time Applus’ services were down in March, but the company said the two outages were unrelated, adding the first incident did not involve malware.
Staff Writer Peter Yankowski contributed reporting