The California Department of Motor Vehicles (DMV), out of an abundance of caution, is notifying customers that a company it uses to verify vehicle registration addresses has had a security breach. DMV systems have not been compromised and it is unknown if DMV data shared with the company has been compromised. An investigation is under way.
Automatic Funds Transfer Services, Inc. (AFTS) of Seattle was the victim of a ransomware attack in early February that may have compromised information provided to AFTS by the DMV, including the last 20 months of California vehicle registration records that contain names, addresses, license plate numbers and vehicle identification numbers (VIN). AFTS does not have access to DMV customers’ Social Security numbers, birthdates, voter registration, immigration status or driver’s license information, therefore this data was not compromised.