UPDATED 21:17 EST / NOVEMBER 15 2020

SECURITY

Data belonging to 27.7M Texas drivers stolen in latest case of unsecured storage

Data relating to some 27.7 million Texas drivers has been exposed online and stolen from an unsecured database belonging to insurance company Vertafore Inc.

The databases were left online between March 11 and Aug. 1 and included names, dates of birth, addresses and vehicle registration histories. According to the company last week, the data was exposed when someone placed three company files on “an unsecured external storage service that appears to have been accessed without authorization.”

There’s the usual tick box of responses to the data breach from Vertafore, with the company claiming that it has no “information misuse has been identified” despite confirming the exposed data had been accessed. The company is also offering free credit monitoring and identity restoration services to all Texas drivers license holders potentially affected by the data breach.

“This breach is yet another example of a company leaving a server and critical information unsecured without any protection, an unfortunate trend that has been the cause of many recent breaches, Vinay Sridhara, chief technology officer of AI-powered security posture firm Balbix Inc., told SiliconANGLE. “According to a recent report, nearly half (46%) of organizations find it hard to tell which vulnerabilities are real threats versus ones that will never be exploited. This leaves security teams flying blind when it comes to prioritizing risk and leaves organizations vulnerable to unexpected attacks, such as those exploiting a breach at a former third-party partner with access to sensitive data.”

Javvad Malik, security awareness advocate at security awareness training firm KnowBe4 Inc., pointed out that a lot of individuals could be hurt by the exposure.

“The incident does serve as a reminder that technology alone is insufficient to have complete security and that human error can result in undesirable outcomes,” Malik said. “That’s why it’s important to invest in security awareness and training alongside technical controls to encourage secure behaviors which ultimately can lead to building a culture of security within organizations.”

Photo: VertaforeWiki/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU