Security News > 2021 > February > US cities disclose data breaches after vendor's ransomware attack

A ransomware attack against the widely used payment processor ATFS has sparked data breach notifications from numerous cities and agencies within California and Washington.

Due to the large amount of potential data allegedly stolen by the Cuba Ransomware operation, cities utilizing AFTS as their payment processor or address verification service have begun disclosing potential data breaches.

The potential data exposed varies depending on the city or agency, but may include names, addresses, phone numbers, license plate numbers, VIN numbers, credit card information, scanned paper checks, and billing details.

California Department of Motor Vehicles : Automatic Funds Transfer Services, Inc. of Seattle was the victim of a ransomware attack in early February that may have compromised information provided to AFTS by the DMV, including the last 20 months of California vehicle registration records that contain names, addresses, license plate numbers and vehicle identification numbers.

AFTS is currently conducting an investigation to determine what personal information might have been accessed by the ransomware actors, if any, and will inform Kirkland of that information when it becomes available.

City of Monroe, Washington : The information stored in the AFTS databases is limited to data necessary to fulfill utility billing and payment processing of paper check payments.

News URL

https://www.bleepingcomputer.com/news/security/us-cities-disclose-data-breaches-after-vendors-ransomware-attack/