A software vendor that supplies the auto insurance industry acknowledged a data breach this week that exposed the personal information of about 27.7 million people with Texas driver’s licenses.
In a statement posted to its website Thursday, the company, Vertafore, disclosed that at some point between March 11 and Aug. 1 of this year, there was “unauthorized access” to three data files containing information pertaining to driver’s licenses issued prior to February 2019.
The exposed files included driver’s license numbers, names, dates of birth, addresses and vehicle registration histories, though Vertafore said no Social Security numbers or financial information was swept up in the breach.
According to the company, the data files had been stored in an unsecured external storage service, which Vertafore attributed to human error. The breach was detected in mid-August. While a third-party investigation found no evidence that any drivers’ information has been used maliciously, it did discover at least one instance of improper access.
“Immediately upon becoming aware of the issue, Vertafore secured the potentially affected files and has been investigating the event and the extent to which data may have been impacted,” the company’s statement reads.
The company is offering one year of free credit monitoring and identity restoration services to victims. It’s also reported the incident to Texas authorities, including the state Department of Motor Vehicles, Department of Public Safety and Office of the Attorney General.