An apparent cyberattack this week against Florida-based IT provider Geographic Solutions has disrupted unemployment and labor benefits for thousands of people in several states and Washington, DC.
Unemployment payments are delayed for residents of Tennessee, where about 12,000 people rely on the program, and Nebraska, according to statements from state labor departments. In Washington, the outage prevented residents from filing new requests for paid family leave and conducting job searches using a tool provided by Geographic Solutions.
In a statement, Geographic Solutions described “abnormal activity” on its computer network but did not specify the cause; the Nebraska Department of Labor called it a “cyberattack”.
After discovering the activity, Geographic Solutions “immediately took certain systems offline to stop the activity,” its statement said.
“With the help of third-party specialists, we are conducting a full investigation to determine the cause and extent of the incident,” Geographic Solutions said. “This investigation is still ongoing and we are taking steps to prevent it from happening again. Our current focus is to take care of our customers and work around the clock to restore all systems.
Geographic Solutions did not respond to emailed questions about whether ransomware was involved in the incident and how quickly it is expected to recover. It has sold workforce-related software products for state and local governments in more than 30 states and U.S. territories, according to the company’s Facebook page. The company’s website had been down since Friday evening.
The incident comes as the Federal Reserve tried to rein in historically high inflation by raising interest rates, a move that some analysts say could trigger a recession next year.
CNN has asked the US Department of Labor for comment on the apparent cyberattack hampering Geographic Solutions.
Nebraska’s state unemployment compensation system was still offline Friday night, Nebraska Department of Labor spokeswoman Grace Johnson told CNN. “The vendor is actively working to bring the system back online,” Johnson said.
The incident highlights how a disruption at a single software vendor can have ripple effects across the country.
US officials have repeatedly warned of the risk of cybercriminals striking during long holiday weekends, when IT teams are sometimes out of the office.
A year ago, a ransomware attack against another Florida-based IT vendor, Kaseya, infected up to 1,500 businesses worldwide.