Cyber Incident Victim: U.S. Virgin Islands Police Department

On or around April 20, 2019, the U.S. Virgin Islands Police Department (VIPD) experienced a ransomware attack targeting servers containing internal affairs records and citizen complaints. The attack encrypted numerous files, rendering them inaccessible and corrupting data. Police Commissioner Trevor Marsh confirmed the department immediately took affected systems offline upon discovering the incident to prevent further compromise of personal information. No data theft occurred during the breach. The VIPD did not identify the attackers and refused to pay any ransom demand, instead engaging FBI cybersecurity experts to attempt file decryption and recovery. Critical law enforcement software systems—including the "Blue Team" platform and "IAPRO" internal affairs management program—remained offline for several weeks following the attack.

The incident significantly disrupted VIPD operations, particularly affecting compliance with a federal consent decree mandating reforms to prevent excessive use of force by officers. Quarterly court filings revealed corrupted backups of the IAPRO system hindered mandatory reporting and oversight activities. By late June 2019, the department installed a centralized IAPRO version expected to restore territory-wide access by July 8 while continuing FBI-assisted recovery efforts for compromised historical records. Marsh emphasized infrastructure hardening measures to prevent future data loss, though the attack’s origin remained undetermined. The ransomware’s impact marked the first such cyberattack against the VIPD, paralleling contemporaneous incidents in Baltimore and Riviera Beach that similarly targeted municipal agencies. Operational setbacks persisted through mid-2019 as technicians worked to reconstruct corrupted files essential for internal investigations and federal compliance documentation.