Critical Shutdown: Ransomware Cripples Puerto Rico Agencies Via Contractor Breach
A ransomware attack has crippled the operations of several key Puerto Rican government agencies, yet officials have still not publicly acknowledged the incident. According to available information, beginning on 25 November, three major public institutions were struck: the State Insurance Fund Corporation (CFSE), the Administration of Health Insurance (ASES), and the Department of Education. The disruption proved so severe that the Puerto Rico Innovation and Technology Service (PRITS) was forced to activate a state of cyber emergency and enlist assistance from CISA and the FBI.
As reported by an anonymous Indiario source, the attack began with the compromise of a contractor’s credentials—credentials that granted elevated administrative privileges. This intrusion vector aligns with a growing pattern in recent months, in which adversaries infiltrate the infrastructures of U.S. and Latin American government entities through weak links in their supply chains. Once inside, the attackers were able to propagate ransomware across mission-critical systems in multiple agencies.
Ransomware remains one of the most destructive tools available to cybercriminals: it encrypts data, halts essential services, and demands payment—usually in cryptocurrency. Yet the technical damage is only part of the story. The true impact falls on essential civic functions: payroll operations, medical record management, educational platforms, and public services. Such a disruption instantly exposes weaknesses that have accumulated within technological infrastructures over many years.
According to the source, CFSE suffered the gravest blow—more than 150 Windows and Linux servers were placed at risk. As a result, financial systems, services for injured workers, public portals, and internal tools were severely affected. Even systems that remain operational are only partially available or functioning intermittently. At ASES, roughly 30 servers may have been damaged, disrupting databases and communication channels vital to the administration of public health insurance. The Department of Education, based on preliminary assessments, lost key capabilities after 11 servers were taken offline, causing outages in PowerSchool, T&A, TAL, and other platforms relied upon daily by teachers, students, and administrators.
The full extent of the damage remains uncertain. The source notes several ongoing risks: a potential leak of personal data; a prolonged degradation of government services, which have already been unstable for a week; and the possibility that the attack affected more agencies than currently known. Given the government’s fragmented and aging IT systems, the situation appears even more precarious. Although Puerto Rico has experienced unauthorized intrusions before, this incident may prove to be one of the largest in scale.
According to the source, PRITS has activated emergency protocols, isolated compromised network segments, and begun collaborating with federal entities to contain the attack and conduct digital forensics. Restoring services may take considerable time, as dozens of servers across various technology platforms have been impacted.
The source also pointed to systemic weaknesses that the incident has brought into sharp relief. He recommends that the government establish a 24/7 Security Operations Center (SOC), transition to a Zero Trust model, mandate multifactor authentication for all personnel, accelerate security-patch deployment, conduct regular penetration testing, and impose strict requirements on vendors with elevated administrative access. It is precisely such a privileged provider who appears to have served as the attackers’ point of entry.
Authorities are now working to determine whether citizens’ personal data has been compromised. If confirmed, the government will be obligated to notify affected individuals and may face federal scrutiny.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
