Insurance software vendor Vertafore recently revealed a data breach affecting a whopping 27.7 million drivers in Texas, said ZDNet. The breach, while it happened a few months ago, was only revealed this week.
According to the company, a third party accessed three data files that contained millions of data. The incident occurred because of “human error when three data files were inadvertently stored in an unsecured external storage service,” as per the ZDnet report.
An investigation revealed that the files have been accessed by an unauthorized party. Compromised details include driver license numbers, names, addresses, dates of birth, and vehicle registration histories.
The three files store driver details of licenses issued before February 2019. The information is being used by the company for its insurance rating software.
The company assured social security numbers and financial credentials were not included in the breach. Moreover, affected individuals that the files have been removed from the external storage on August 1, after months of being exposed.
A post published on the firm’s website said, “Vertafore takes data privacy and security very seriously. The company has safeguards to protect its information and systems, with dedicated internal teams and partnerships with leading external firms.”
Additionally, “no information misuse has been identified” and “no customer data or any other data – including partner, vendor or other supplier data – or systems hosted for them were impacted.” The company also did not identify any vulnerability in its systems.
Furthermore, the insurance solutions company has also informed the authorities about the incident, including the Texas Attorney General, the Texas Department of Public Safety, the Texas Department of Motor Vehicles, and federal authorities.
The matter is currently under investigation and the company is also in the process of notifying affected drivers.
In the meantime, affected drivers are advised to enroll in services that perform credit monitoring and identity restoration to find if their info has been used illegally. The company is offering a year of free credit monitoring and identity restoration to affected individuals.
They are also urged to closely monitor transactions in accounts associated with their driver’s license despite not being involved in the breach. The Vertifore post provided a list of credit bureaus customers can contact to take these steps.
Texan drivers were not the only ones affected by data breaches. Similar attacks also happened in New South Wales, Australia where the info of 100,000 driver’s license holders was stored in an unsecured cloud storage folder.