Cyber Incident Victim: Oregon Department of Environmental Quality

On Wednesday morning, the Oregon Department of Environmental Quality announced that it was investigating a cyberattack and said it was shutting down its networks until the attack could be contained and potentially eradicated. The agency stated that it had not received any ransom demand and therefore did not believe the incident was ransomware. DEQ officials said they were working with the Department of Administrative Services Enterprise Information Services and the Microsoft cybersecurity team to investigate the attack. The agency emphasized that, as of the initial announcement, there was no indication of a data breach linked to the cyber activity. The statement also included an apology for any inconvenience caused to the public and regulated entities.

As a result of the network shutdown, vehicle inspection stations were expected to remain closed through Friday, with the agency warning that it might take several days before normal operations resumed. DEQ reported that it was unable to send or receive emails and directed individuals to contact the agency by phone if needed. While the DEQ Online portal remained accessible, its help desk was affected and could not be reached. Agency staff were described as working around the clock to restore systems and return business to normal. By Friday afternoon, DEQ reiterated that there continued to be no evidence of a data breach in connection with the attack. The ongoing response involved continued collaboration with state and Microsoft security investigators to contain and eradicate the threat.