UPDATED: California DMV halts data transfers with third-party company after Automatic Funds Transfer Services security breach

Posted on by Dissent

Update:  As BleepingComputer reports, the AFTS attack appears to be the work of the Cuba ransomware threat actor(s) who claim to have exfiltrated “Financial documents, correspondence with bank employees, account movements, balance sheets, tax documents.” They offer to sell the data on their dedicated leak site on the dark web, but do not list any prices, merely providing a contact form for interested buyers to use to contact them.

At the bottom of the original post below, you will find a list of other municipalities and utilities that have reported being affected or potentially affected by this incident.

As of February 19, the web site of Automatic Funds Transfer Service remains of service, with just a note:

The website for AFTS and all related payment processing website are unavailable due to technical issues. We are working on restoring them as quickly as possible.

Jonathan Ayestas reports:

The California Department of Motor Vehicles announced Wednesday that a third-party company it shares data with has had a security breach. It is unclear if any DMV information was compromised at this time.

Automatic Funds Transfer Services, Inc. (ATFS), a Seattle-based address verification company, has access to California vehicle registration records that include, names, addresses, license plate numbers and vehicle identification numbers. The DMV said ATFS was the victim of a ransomware attack in early February that might have exposed data from the last 20 months.

Read more on KCRA.

Related (Some Reports by Other Entities):

Category: Government SectorOf NoteSubcontractorU.S.