AUSTIN - Your personal information may have been stolen in a hack of nearly 28 million Texas driver's licenses.
An insurance software company with access to DMV records says it was breached.
"Just to know my information could be used for fraudulent activity makes me feel very uneasy," reacted driver Amera Guest.
"Now they can start applying for credit cards and loans," said driver Crensen Ciano.
Driver's license numbers, names, birthdates, addresses, and vehicle registration information were stolen for nearly 28 million Texas drivers who received a license before February of 2019.
"There's a lot an identity thief can do with this information. They can try to create a new account and they can try to prove they are you when they're logging in to an existing account," said James Lee with the Identity Theft Resource Center.
An insurance software company called Vertafore, which has legal access to that DMV information, said in a statement the data was inadvertently stored in an unsecured storage service that was hacked between March and August of this year.
Vertafore says the company has known about the breach since mid-August. So we asked why they're just now announcing it.
The company says they reported it to the Texas Office of the Attorney General, the Texas Department of Motor Vehicles, and the Texas Department of Public Safety and wrote, "Vertafore’s notice was delayed at law enforcement’s request."
Vertafore says they hired a third-party firm to investigate but identified no misuse of the information so far.
But James Lee with the Identity Theft Resource Center says give it time.
"It's something they may wait to use. So you're not out of the woods just because a year has passed, two years have passed, three years have passed," Lee explained.
He says drivers should freeze their credit and change their account passwords.
"Be very diligent about watching credit card statements and things of that nature. And ultimately consider upgrading some passwords. The advice we give people today is don't have a password, have a passphrase," said Lee.
He says don't use the same passwords on multiple accounts.
The Texas DMV issued this statement regarding the breach:
"The breach of information was caused by Vertafore. The Texas Department of Motor Vehicles was not hacked and was not the cause of the breach. The Texas Department of Motor Vehicles takes protecting consumer information very seriously. The department classifies and protects data based on existing statutory regulations and industry principles, and retains and destroys all data in accordance with state and agency data retention and data sanitization policies.
"The department only allows outside use of information for reasons found in Transportation Code Chapter 730 and the Federal Drivers Privacy Protection Act. These laws permit, and at times require, the release of motor vehicle records to authorized parties."
Drivers can contact Vertafore to see if their information was hacked by calling 888-479-3560. Vertafore says it is offering those impacted one year of free credit monitoring through Kroll, which will help resolve any damage to your credit report. You can sign up for monitoring here.
Victims can also report it to the Texas Attorney General's office here.
The Identity Theft Resource Center offers more information and resources to deal with identity theft on their website.