Vertafore said the files were removed from the external storage system on August 1, but after an investigation, they discovered that the files had been accessed without authorization.
According to the software provider, the three files contained information on driver’s licenses issued before February 2019, which the company was using for its insurance rating software solution.
Exposed data included Texas driver license numbers, names, dates of birth, addresses, and vehicle registration histories.
Vertafore said it notified relevant authorities about the security breach, including the Texas Attorney General, the Texas Department of Public Safety, the Texas Department of Motor Vehicles, and federal law enforcement.
An investigation is underway. The company is now also notifying Texas drivers whose data was exposed in the breach.
Vertafore said it has worked with an intelligence firm but has not found any evidence that the leaked data has been abused or misused.
“Although that firm did not find any evidence, to be considerate of all Texas driver license recipients and out of an abundance of caution, Vertafore is offering them one year of free credit monitoring and identity restoration services in recognition that these services offer valuable protection in other contexts beyond this event,” Vertafore said.
Still, Texas drivers aren’t the only ones dealing with a data breach that exposed their personal information these days. The information of thousands of New South Wales driver’s license holders was also exposed in Australia in September after more than 100,000 images were similarly left in an unsecured Amazon Web Services (AWS) cloud storage folder.