Three years after the Federal Motor Carrier Safety Administration’s new medical examiner’s registry was hacked, the agency’s information technology infrastructure is still at risk of being compromised, according to a new report from the Department of Transportation’s Inspector General’s office.
IG: FMCSA IT Infrastructure at Risk of Compromise
The DOT inspector general's office wanted to find out if the Federal Motor Carrier Safety Administration's IT infrastructure contains security weaknesses.
October 22, 2021
Is the FMCSA vulnerable to hacking?
Photo: Public Domain
2 min to read
The FMCSA uses 13 web-based applications to aid vehicle registration, inspections, and other activities. Many of FMCSA’s information systems contain sensitive data, including personally identifiable information.
Although the IG’s report doesn’t cite a specific reason for its investigation, which began two years ago, the late 2017 hack of the registry is still causing delays in full implementation of the certified medical examiner program. While FMCSA said the hack was unsuccessful in that no personal information was exposed, the incident caused the agency to go back to the drawing board to develop a more secure portal.
According to its announcement, the inspector general's audit of FMCSA’s IT infrastructure was conducted because of the importance of FMCSA’s programs to the transportation system and sensitivity of some agency information. Its objective was to determine whether FMCSA’s IT infrastructure contains security weaknesses that could compromise the agency’s systems and data.
And it found them.
“We found vulnerabilities in several agency web servers that allowed us to gain unauthorized access to FMCSA’s network,” notes the IG’s report. “FMCSA did not detect our access or placement of malware on the network in part because it did not use required automated detection tools and malicious code protections. We also gained access to 13.6 million unencrypted [personally identifiable information] records. Had malicious hackers obtained this PII, it could have cost FMCSA up to $570 million in credit monitoring fees.”
The report also said FMCSA “does not always remediate vulnerabilities as quickly as DOT policy requires. These weaknesses put FMCSA’s network and data at risk for unauthorized access and compromise.”
The office made 13 recommendations, which it said the FMCSA concurred with. However, because publicizing the recommendations could constitute a security risk, the IG’s office did not disclose what those recommendations were.
More Safety & Compliance
Aperia Expands Halo Platform with Steer-Tire Inflation System, Fifth-Wheel Integration
Aperia Technologies introduced a new automatic tire inflation system for steer axles and a partnership with Fontaine Fifth Wheel to integrate coupling status into its Halo Connect platform.
Read More →
Fleetworthy and HAAS Alert Expand Partnership Stopped Truck Protection Alerts
Fleetworthy and HAAS Alert expanded their partnership to deliver real-time digital alerts that warn motorists when commercial trucks are stopped roadside and notify truck drivers when approaching emergency responders.
Read More →
New Entrants, Chameleon Carriers, and Safety: Is It Too Easy to Start a Trucking Company?
More than 100,000 new trucking companies enter the industry each year, but regulators manage to audit only a fraction of them. That churn creates opportunities for inexperienced startups — and for “chameleon carriers” that shut down after safety violations and reappear under new identities. Read more from Deborah Lockridge in this commentary.
Read More →
Mack Introduces Mack Protect Collision Mitigation System for MD Series
Mack Trucks has expanded its proprietary Mack Protect collision mitigation platform to the Mack MD Series, bringing heavy-duty safety technology to medium-duty trucks operating in urban and regional environments.
Read More →
Smarter Maintenance Strategies to Keep Trucks Rolling
In today’s cost-conscious market, fleets are finding new ways to get more value from every truck on the road. See how smarter maintenance strategies can boost uptime, control costs and drive stronger long-term returns.
Read More →
Bison Transport, Mill Creek Motor Freight Win TCA Fleet Safety Awards Grand Prize
Two Canadian fleets earned the Grand Prize in the Truckload Carriers Association’s 2025 Fleet Safety Awards, recognizing the industry’s top safety performance based on accident frequency and safety programs.
Read More →
CVSA Issues New Inspection Guidance on ELD Tampering, False Logs
New guidance for commercial vehicle inspectors distinguishes between more traditional logbook violations and tampered ELD data that can result in mandatory 10-hour out-of-service orders.
Read More →
FMCSA Reinstates Field Warrior ELD to Registered Device List
One electronic logging device has been reinstated to the FMCSA's list of registered ELDs.
Read More →
Daimler Truck North America Adds 360-Degree Exterior Camera System to Vocational, Medium-Duty Trucks
Daimler’s new factory-installed system integrates side and forward-facing cameras with in-cab touchscreen to improve jobsite visibility and reduce upfit complexity.
Read More →
Kodiak Integrates HAAS Alert’s Safety Cloud into Autonomous Trucking Platform
Kodiak has integrated HAAS Alert’s Safety Cloud platform into its autonomous vehicle control system to send real-time digital hazard alerts to nearby motorists.
Read More →