IG: FMCSA IT Infrastructure at Risk of Compromise

The DOT inspector general's office wanted to find out if the Federal Motor Carrier Safety Administration's IT infrastructure contains security weaknesses.

Staff Writer・Editorial

Read Staff's Posts

October 22, 2021

IG: FMCSA IT Infrastructure at Risk of Compromise — Is the FMCSA vulnerable to hacking?
Photo: Public Domain

2 min to read

Three years after the Federal Motor Carrier Safety Administration’s new medical examiner’s registry was hacked, the agency’s information technology infrastructure is still at risk of being compromised, according to a new report from the Department of Transportation’s Inspector General’s office.

The FMCSA uses 13 web-based applications to aid vehicle registration, inspections, and other activities. Many of FMCSA’s information systems contain sensitive data, including personally identifiable information.

Although the IG’s report doesn’t cite a specific reason for its investigation, which began two years ago, the late 2017 hack of the registry is still causing delays in full implementation of the certified medical examiner program. While FMCSA said the hack was unsuccessful in that no personal information was exposed, the incident caused the agency to go back to the drawing board to develop a more secure portal.

According to its announcement, the inspector general's audit of FMCSA’s IT infrastructure was conducted because of the importance of FMCSA’s programs to the transportation system and sensitivity of some agency information. Its objective was to determine whether FMCSA’s IT infrastructure contains security weaknesses that could compromise the agency’s systems and data.

And it found them.

“We found vulnerabilities in several agency web servers that allowed us to gain unauthorized access to FMCSA’s network,” notes the IG’s report. “FMCSA did not detect our access or placement of malware on the network in part because it did not use required automated detection tools and malicious code protections. We also gained access to 13.6 million unencrypted [personally identifiable information] records. Had malicious hackers obtained this PII, it could have cost FMCSA up to $570 million in credit monitoring fees.”

The report also said FMCSA “does not always remediate vulnerabilities as quickly as DOT policy requires. These weaknesses put FMCSA’s network and data at risk for unauthorized access and compromise.”

The office made 13 recommendations, which it said the FMCSA concurred with. However, because publicizing the recommendations could constitute a security risk, the IG’s office did not disclose what those recommendations were.

Topics:U.S. DOT FMCSA Information Technology Cybersecurity Safety & Compliance

More Safety & Compliance

Stop Watching Footage, Start Driving Results

6 intelligent dashcam tactics to improve safety and boost ROI

Series graphic for 2025-2026 trucking trends

Safety & Compliance•by Deborah Lockridge•January 28, 2026

6 Regulatory Changes for Trucking to Watch in 2026

After a year of what safety and compliance expert Brandon Wiseman calls “regulatory turbulence,” what should trucking companies be keeping an eye on in 2026 when it comes to federal safety regulations?

Truck driver behind wheel with superimposed mobile driver assessment from Smith System

Safety & Compliance•by News/Media Release•January 27, 2026

Smith System Adds Digital Trainer Center Platform

A new Digital Trainer platform digitizes behind-the-wheel assessments, generates Smith5Keys driver scorecards, and connects safety training to ongoing driver risk management.

Safety & Compliance•by Staff•January 26, 2026

Are You Using One of These Revoked ELDs?

Within a two-week period, the Federal Motor Carrier Safety Administration removed eight ELDs from the list of registered electronic logging devices, but has since reinstated two of them.

Safety & Compliance•by Deborah Lockridge•January 22, 2026

What FMCSA’s New Enforcement Push Means for Fleets in 2026 [Video]

Last year was one of regulatory turbulence for trucking companies and truck drivers. Trucking attorney Brandon Wiseman breaks down the top DOT changes and what fleets should be aware of heading into 2026.

3 New Ways Fleet Software Pays: ROI opportunities for modern fleet managers

Safety, uptime, and insurance costs directly impact profitability. This eBook looks at how fleet software is evolving to deliver real ROI through proactive maintenance, AI-powered video telematics, and real-time driver coaching. Learn how fleets are reducing crashes, defending claims, and using integrated data to make smarter operational decisions.

Basic Tracking vs Next Generation Fleet Technology

Fleet software is getting more sophisticated and effective than ever, tying big data models together to transform maintenance, safety, and the value of your existing tech stack. Fleet technology upgrades are undoubtedly an investment, but updated technology can offer a much higher return. Read how upgrading your fleet technology can increase the return on your investment.