Cyberattack Forces Puerto Rico Transportation Department to Shut Down All Systems, Suspending Driver’s License and Vehicle Registration Services

On March 23, 2026, Puerto Rico's Department of Transportation (DTOP) detected a cyberattack that prompted the Puerto Rico Innovation and Technology Service (PRITS) to immediately disconnect all of the department's systems as a containment measure. The attack forced the cancellation of all upcoming appointments at the Centros de Servicios al Conductor (CESCO) — the agency responsible for issuing driver's licenses, vehicle permits, and vehicle registrations for the entire island — affecting hundreds of thousands of residents who depend on the service for legally required identification and vehicle documentation.

PRITS Executive Director Poincaré Díaz confirmed the intrusion publicly on March 25 and stated that specialized technical teams were operating around the clock to assess the scope of the attack, verify system integrity, and conduct forensic analysis before any services could be restored. As of initial disclosure, no confirmed exfiltration of personal data had been identified, though investigators acknowledged that driver's license numbers, permit data, and vehicle registration records were potentially exposed. No threat actor publicly claimed responsibility for the attack in the immediate aftermath.

The incident is the second significant cyberattack on Puerto Rico government infrastructure in recent memory; PRITS and CISA previously coordinated in response to a 2023 attack on the Puerto Rico Aqueduct and Sewer Authority (PRASA). Puerto Rico, as a U.S. unincorporated territory, receives direct federal cybersecurity assistance under the same frameworks as mainland states but has historically faced resource constraints in deploying enterprise-grade security controls across its government agencies.

The attack occurred against a backdrop of rapidly increasing cyber threat activity across Latin America and the Caribbean, with government organizations in the region absorbing approximately 4,200 cyberattacks per week in March 2026 — roughly double the global baseline — according to Check Point Software Technologies data. Attribution had not been publicly confirmed as of the date of this report.