The California Department of Motor Vehicles (DMV) has announced via email that its customers have been exposed after a contractor was hit by a ransomware attack. The contractor, Automatic Funds Transfer Services (AFTS), was utilized by the DMV for verifying changes of addresses within its national database. The DMV has been using services provided by AFTS since 2019. It is unclear which variant or strain of ransomware was used against the organization.
The DMV stated that the attack may have compromised California vehicle registration records including names, addresses, license plate numbers, and vehicle identification numbers. There is no evidence that more sensitive information such as Social Security numbers and driver’s license information has been compromised. However, the data exposed in the cyberattack could be leveraged by threat actors to create convincing phishing emails, using personal information to lure victims.
Read More: California DMV Warns of Data Breach After Contractor was Hit by Ransomware