Vertafore Data Breach – Class Action Investigation

Chimicles Schwartz Kriner & Donaldson-Smith (CSK&D) is investigating a potential class action lawsuit against Vertafore, an insurance software company, for violations of the Driver’s Privacy Protection Act (“DPPA”) following its announcement that a data breach resulted in the compromise of 27.7 million personal and driver’s license details in Texas. Vertafore claimed in a notification this week that, due to human error, three files were stored in an unsecured third-party service which was subsequently accessed without authorization. Though the firm was unable to say exactly when this happened, the breach occurred at some point between March 11 and August 1, 2020. The breach went undetected until mid-August.

The compromised files include driver information for licenses issued before February 2019, such as Texas driver license numbers, names, dates of birth, addresses and vehicle registration histories.  Vertafore reports that the breach did not contain any Social Security numbers or financial account information.

Reports indicate that there is ample opportunity for cyber-criminals to launch convincing follow-on phishing attacks using the personal and driver’s license details that were compromised.

If you have a Texas driver’s license that was issued before February 2019 that may have been compromised by the breach, please contact the lawyers listed on this page.

(*) Indicates required field: When communicating with us through this site or otherwise in connection with a matter for which we do not already represent you, your communication may not be treated as privileged or confidential, and does not create an attorney-client relationship between you and our Firm.

Attorneys for this case:

Benjamin F. Johns
Andrew W. Ferich
Samantha E. Holbrook
Alex M. Kashurba