The California Department of Motor Vehicles (DMV) says the personal information of California drivers might have been leaked in a security breach.
The agency sent out a statement on Wednesday, saying a contractor it uses to verify vehicle registration addresses was the victim of a ransomware attack in early February.
The attack may have compromised information provided by the DMV to the company, Automatic Funds Transfer Services, Inc. (AFTS) of Seattle.
This information includes the last 20 months of California vehicle registration records that contain names, addresses, license plate numbers, and vehicle identification numbers (VIN).
The DMV says the hack did not involve any information about customers' Social Security numbers, birthdates, voter registration, immigration status, or driver's license information.
The agency has launched an investigation into whether any information obtained by the ransomware attackers has actually been used for nefarious purposes.
It also immediately stopped all data transfers to AFTS and notified law enforcement, including the Federal Bureau of Investigation.
Personal information of California drivers potentially compromised in ransomware attack of DMV contractor