Cyber Incident Victim: Washington State Department of Transportation
Date:
Nov 2023
Location:
United States of America
Summary
A cyberattack disrupted the Washington State Department of Transportation's online systems, causing significant operational impacts by disabling critical real-time travel information services. Key functions such as ferry tracking, mountain pass condition updates, and statewide traffic cameras were initially inaccessible, leading to widespread confusion for travelers and ferry passengers. While traffic cameras and commercial vehicle permit services were later restored, core tools including the agency’s travel map, mobile app, and vessel watch remained offline, severely hindering public access to transportation updates during the outage.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The Washington State Department of Transportation experienced a cybersecurity incident that disrupted key online services beginning on November 7, 2023. Officials confirmed the event targeted real-time travel information systems, causing widespread operational challenges. While the department’s basic website and mobile application remained accessible, critical features providing ferry schedules, mountain pass conditions, and traffic updates became unavailable. This outage created significant confusion for commuters relying on ferry services, which frequently experience delays, and for travelers navigating winter weather routes. The disruption persisted for multiple days, with no immediate restoration timeline provided during the initial phase.
By November 9, partial functionality had been restored, including statewide traffic cameras and online commercial vehicle permitting systems. However, core services such as the real-time travel map, ferry vessel tracking, and the mobile app’s dynamic features remained offline. The incident specifically impaired systems designed to disseminate operational data, though no evidence suggested broader compromise of internal networks or safety-critical infrastructure. The department did not disclose technical details about the attack vector or responsible actors, focusing public communications on service restoration efforts. Travelers faced prolonged inconveniences due to the lack of real-time updates during peak commuting periods and approaching winter travel season.