Chimicles Schwartz Kriner & Donaldson-Smith (CSK&D) is investigating a potential class action lawsuit against Vertafore, an insurance software company, for violations of the Driver’s Privacy Protection Act (“DPPA”) following its announcement that a data breach resulted in the compromise of 27.7 million personal and driver’s license details in Texas. Vertafore claimed in a notification this week that, due to human error, three files were stored in an unsecured third-party service which was subsequently accessed without authorization. Though the firm was unable to say exactly when this happened, the breach occurred at some point between March 11 and August 1, 2020. The breach went undetected until mid-August.
The compromised files include driver information for licenses issued before February 2019, such as Texas driver license numbers, names, dates of birth, addresses and vehicle registration histories. Vertafore reports that the breach did not contain any Social Security numbers or financial account information.
Reports indicate that there is ample opportunity for cyber-criminals to launch convincing follow-on phishing attacks using the personal and driver’s license details that were compromised.
If you have a Texas driver’s license that was issued before February 2019 that may have been compromised by the breach, please contact the lawyers listed on this page.