The California Department of Motor Vehicles (DMV) suffered from a data breach that exposed thousands of driver details online. Approximately 3,200 people remained compromised as a result of the breach.
In a statement released by the company, the number of affected individuals spans the past four years. The corporation released the announcement last November 10, 2019.
According to the Los Angeles Times, the breach led the California DMV to share unauthorized access to driver details. These include Social Security information of individuals within the database.
A number of federal agencies reportedly gained access to the files, including the United States Department of Homeland Security. Other government agencies who accessed the said data include the Internal Revenue Service (IRS) and the Small Business Administration. The Los Angeles Times also reports the San Diego and Santa Clara district attorneys were also privy to such information.
Data from DMV were supposedly accessed by federal agencies to gain more insight into criminal dealings or activities. Meanwhile, other officers in the sector looked into the individual’s compliance with tax laws, states Fox News. There is no official statement on whether or not immigration departments gained access to this information.
Besides this, the agencies also examined the authenticity of the Social Security card filed under the license holder’s name.
California DMV initially claimed that its database remained intact and hackers failed to enter its system. CNN also notes the company remained adamant in its stance that it did not share confidential information with other parties.
However, the business retracted its statement later on. In a statement released by DMV spokesperson Anita Gore, the company acknowledged the breach which occurred last August 2, 2019. To clarify, Gore said the incident was caused by a breach, not by hacking.
Upon discovering the issue, the firm supposedly acted immediately to curtail information obtained by agencies. Apart from fixing the mistake in the system, the California Department of Motor Vehicles also notified affected customers. Notices were promptly sent out following the breach.
DMV “[ensures] that no additional confidential information was disclosed to these entities, and has implemented several additional layers of review.” The enhanced security measures include review and signoff by the legal counsel of the company.
The latest event adds to the company’s list of shortcomings, with people complaining of poor and inefficient service. Customers have also criticized the technology, staffing, and overall management procedures and processes by the DMV.