NJ Can’t Print MVC Documents, Issue Checks Because of Cyber Attack
TRENTON — Receiving a printed state document could prove to be a challenge because of an issue with the vendor used by the state.
The state office of Office of Information Technology, which facilitates the service, said vendor R.R. Donnelley & Sons identified a “systems intrusion in its technical environment" and responded by shutting down its servers and systems, began a forensic investigation and hired a cybersecurity expert.
"While we cannot disclose any specifics on an active investigation, generally speaking, this systems intrusion involved unauthorized individuals gaining access to RR Donnelly’s network and in doing so, disrupted their ability to carry out operations," NJOIT spokeswoman Maria Prato told us.
In layman's terms, it means the system was hacked.
For New Jersey, the problem means a multi-day delay to receive certain documents including but not limited to vendor payments, disbursement checks, and motor vehicle documentation.
“At this time, we are not aware of any personally identifiable information that’s been compromised as a result of the intrusion. RR Donnelley is in the initial stages of their investigation and we are awaiting their findings," State Chief Information Security Officer and Director of the New Jersey Cybersecurity and Communications Integration Cell Michael Geraghty said in a statement.
Earlier attack on UKG - Ultimate Kronos Group
Online human resources management company UKG - Ultimate Kronos Group said on Dec. 13 its cloud was hit by a ransomware attack and advised its clients it could take several weeks for them to regain access.
The attack affected the ability of its customers to track employee hours, scheduling and process payroll.
UKG in an update said they have made "good progress" restoring customers' production and back-up databases.
"Our investigation is still ongoing and we are working diligently with cybersecurity experts to determine whether and to what extent sensitive customer or employee data has been compromised. As is typical in ransomware incidents, it may take several more weeks or more to fully determine whether a specific customer's sensitive data (and what kind of data) may have been compromised.