Frequently Asked Questions

What happened?
Computers and systems at CDOT were shut down due to a ransomware attack. 

What is the state doing about this cybersecurity incident?
OIT is investigating the issue in partnership with other security experts. 

Has my agency been impacted?
This event is limited to CDOT. OIT has taken precautions to prevent further infection and implemented those precautions across all state agencies.

Are external stakeholders safe to interact with state employees?
There is no indication that the malware found at CDOT is transmitted through email. However, we encourage everyone to use common sense. Do not to click on links in emails from senders you do not recognize and do not open suspicious files.

Can I download files sent from CDOT employees?
Yes, you can download attachments sent from CDOT employees with whom you work. The virus that infected CDOT systems was transmitted through the network, not through files.

Do I need to be concerned about my personal information?
There is no evidence that this attack compromised any state employees' personal information.

What are some cybersecurity best practices for state employees to follow?
Click here to learn more.

What is ransomware?
It is a type of malware (software that is intended to do damage) that prevents or limits users from accessing their system by locking the system screen or files until a ransom is paid.

What is the timeline for resolution?
There is no time estimate, but teams are working hard to get CDOT systems back online and fully operational.

Are CDOT employees getting paid on time?
Yes. CDOT employees will receive a paycheck per their standard payroll schedule, be it biweekly or monthly.