Vertafore, a provider of insurance software, recently disclosed that an unknown threat actor group illicitly accessed personal information of 27.7 million Texas-based drivers who use Vertafore’s services. In its release, Vertafore admitted that the data breach was caused due to a human error after three data files were inadvertently stored in an unsecured storage unit.
The exposed information included drivers’ information like license numbers, names, dates of birth, addresses, and vehicle registration histories. However, Vertafore clarified that no social security numbers or financial information was compromised in the incident. While information about the attackers is still unknown, the company stated that there was no sign of data misuse.
“Immediately upon becoming aware of the issue, Vertafore secured the potentially affected files and has been investigating the event and the extent to which data may have been impacted. Vertafore has reported the matter to the Texas Attorney General, Texas Department of Public Safety, Texas Department of Motor Vehicles, and the U.S. federal law enforcement. Vertafore is actively assisting law enforcement,” the release said.
Vertafore also urged its users to monitor their account statements. The company is offering free credit monitoring and identity restoration services to the users whose data was affected in the incident.
Misconfigurations Increase Data Breaches
Inadvertent database exposure continues to be a major risk for organizations, with misconfigurations exploited in 66% of reported attacks. Besides, 33% of organizations reported that attackers gained access through stolen cloud provider account credentials. A quarter of organizations stated that managing access to cloud accounts is a primary concern to them. Nearly 96% of respondents admitted that they face issues with their current level of cloud security, while 44% of respondents reported data breaches are the top security concern. For full story click here…
