SECURITY BREACH AT ADDRESS VERIFICATION COMPANY MAY COMPROMISE DMV INFORMATION

Printer-friendly versionPrinter-friendly version Share this

Potentially impacts vehicle registration records, no driver’s license information; DMV working with law enforcement and assessing additional privacy protections

Source:  California DMV

February 22, 2021 (Sacramento) - The California Department of Motor Vehicles (DMV), out of an abundance of caution, is notifying customers that a company it uses to verify vehicle registration addresses has had a security breach. DMV systems have not been compromised and it is unknown if DMV data shared with the company has been compromised. An investigation is under way.

Automatic Funds Transfer Services, Inc. (AFTS) of Seattle was the victim of a ransomware attack in early February that may have compromised information provided to AFTS by the DMV, including the last 20 months of California vehicle registration records that contain names, addresses, license plate numbers and vehicle identification numbers (VIN). AFTS does not have access to DMV customers’ Social Security numbers, birthdates, voter registration, immigration status or driver’s license information, therefore this data was not compromised.

Upon being notified of the potential breach, the DMV immediately stopped all data transfers to AFTS and notified law enforcement, including the Federal Bureau of Investigation.

 

The DMV has contracted with AFTS since 2019 to cross-reference addresses with the national database – which gets updated whenever someone files a change of address with the U.S. Postal Service National Change of Address Database – to ensure vehicle registration renewal notices are mailed to a customer’s current address. The DMV does not use this service to verify driver’s license addresses.

 

The DMV is initiating an emergency contract with a different address verification company to ensure there are no impacts to customer service.  The DMV is reviewing processes with AFTS to determine the further security enhancements needed to prevent future breaches.

 

While the DMV Investigations branch has no indication at this time that information accessed by the ransomware attack on AFTS has been used by the attackers for any nefarious reason, the DMV urges customers to report any suspect activity to law enforcement. The DMV will continue to monitor the situation and work with the appropriate law enforcement agencies.


Error message

Support community news in the public interest! As nonprofit news, we rely on donations from the public to fund our reporting -- not special interests. Please donate to sustain East County Magazine's local reporting and/or wildfire alerts at https://www.eastcountymedia.org/donate to help us keep people safe and informed across our region.

Comments

so

someone could buy me vehicle and I would not know?