SACRAMENTO – The California Department of Motor Vehicles reported a possible data security breach in its credit card processing services and opened an investigation.
The state agency said it has not found evidence that its computer system had been hacked, but it has opened an investigation “out of abundance of caution.”
The DMV, which lets drivers pay many fees online, first learned of the potential problem from law enforcement Friday. According to statement released, aided state and federal investigators, the department is seeking information from credit card companies as well as the firm that processes credit card transactions for the DMV.
“Protecting the identity and security of our customers is our highest priority, and we fully understand the potential impact any breach of security can have,” said Armando Botello, DMV spokesman. “The department has implemented heightened monitoring of all DMV website traffic and credit card transactions. We will immediately notify any affected DMV customers as quickly as possible if we find any issue. DMV customers are also encouraged to closely monitor their credit card statements and transactions for any fraudulent or unusual activity and report it to their credit card company immediately.”
“It’s always been a challenge to secure these types of systems,” said Scott Shefferman, senior security engineer for Sentek Global.
Sentek Global is a company that specializes in cyber security. Shefferman said while the DMV breach is still under investigation, it’s likely hackers found a back door into the government system.
“We found with our research in the Target attacks that the attackers were able to initially penetrate the organization through a third party vendor that installed their HVAC system,” Shefferman said. “Those HVAC sites have control of websites on them.”
He said it’s not that a government agency is easy to hack, but these days the tools make it too easy for hackers get the job done.
“Some of these tools are as easy as almost right click or point and click,” said Shefferman. “We have to new implement new types of technology to counter those types of threats of next generation technologies.”
The possible breach had customers at the DMV in Clairemont wondering if cash was the answer to their security.
“I’m definitely worried about the credit card breaching,” said Terence Webster.
“There’s always going to be a form of stealing and it’s just going to get more and more advanced,” said Jessica Hesselgrave. “I’m prepared for it.”