Vertafore announced that information of 27.7 million Texas drivers has been accidentally exposed due to a human error. The company disclosed this security breach this week, data was stored on an unsecured external storage service and they were accessed by an external party.
According to the software provider, the three files contained information on driver’s licenses issued before February 2019, which the company was using for its insurance rating software solution.
The incident took place on March 11, and the data were secured on August 1. The company launched an investigation into the incident that confirmed that the files had been accessed by an unauthorized third party.
The company said it had become aware of the breach in August, and had immediately hired a “leading intelligence firm” to determine if any of the exposed data had been stolen and misused.
“Although that firm did not find any evidence, to be considerate of all Texas driver license recipients and out of an abundance of caution, Vertafore is offering them one year of free credit monitoring and identity restoration services in recognition that these services offer valuable protection in other contexts beyond this event,” Vertafore said.
Vertafore emphasized in disclosing the breach that it was taking steps to enhance employee cybersecurity and privacy training, reinforcing security procedures and policies, and further enhancing the security of its systems.
“These complex investigations take time,” Vertafore wrote. “We moved quickly and took care and time to be able to obtain and deliver accurate information. We sincerely regret any inconvenience this may cause.”