An apparent cyberattack this week on Florida-based IT provider Geographic Solutions has disrupted unemployment and workforce benefits for thousands of people in multiple states and Washington, DC.
Unemployment payments are delayed for people in Tennessee, where about 12,000 people rely on the program, and in Nebraska, according to statements from state labor departments. In Washington, the outage has prevented residents from filing new paid family leave claims and conducting job searches using a tool provided by Geographic Solutions.
In a statement, Geographic Solutions described “anomalous activity” on its computer network but did not specify the cause; the Nebraska Department of Labor called it a “cyberattack.”
After discovering the activity, Geographic Solutions “immediately took some systems offline to halt the activity,” its statement said.
“With the help of third-party specialists, we are conducting a full investigation to determine the cause and scope of the incident,” Geographic Solutions said. “That investigation is still ongoing, and we are taking steps to help prevent this from happening again. Our current focus is on taking care of our customers and working around the clock to restore all systems.”
Geographic Solutions did not respond to emailed questions about whether ransomware was involved in the incident and how soon it expected to recover. It has sold workforce-related software products for state and local governments in more than 30 US states and territories, according to the company’s Facebook page. The company’s website was down as of Friday evening.
The incident comes as the Federal Reserve has tried to curb historically high inflation by raising interest rates, a move that some analysts predict could trigger a recession in the next year.
CNN has requested comment from the US Department of Labor on the apparent cyberattack hampering Geographic Solutions.
As of Friday evening, Nebraska’s state unemployment benefits system was still offline, Nebraska Department of Labor spokesperson Grace Johnson told CNN. “The vendor is actively working on bringing the system back online,” Johnson said.
The incident highlights how an interruption at a single software provider can have ripple effects across the country.
US officials have repeatedly warned about the potential for cybercriminals to strike over long holiday weekends, when IT teams are sometimes out of the office.
A year ago, a ransomware attack on another Florida-based IT vendor, Kaseya, infected up to 1,500 businesses around the world.