Security News > 2021 > February > US cities disclose data breaches after vendor's ransomware attack

A ransomware attack against the widely used payment processor ATFS has sparked data breach notifications from numerous cities and agencies within California and Washington.
Due to the large amount of potential data allegedly stolen by the Cuba Ransomware operation, cities utilizing AFTS as their payment processor or address verification service have begun disclosing potential data breaches.
The potential data exposed varies depending on the city or agency, but may include names, addresses, phone numbers, license plate numbers, VIN numbers, credit card information, scanned paper checks, and billing details.
California Department of Motor Vehicles : Automatic Funds Transfer Services, Inc. of Seattle was the victim of a ransomware attack in early February that may have compromised information provided to AFTS by the DMV, including the last 20 months of California vehicle registration records that contain names, addresses, license plate numbers and vehicle identification numbers.
AFTS is currently conducting an investigation to determine what personal information might have been accessed by the ransomware actors, if any, and will inform Kirkland of that information when it becomes available.
City of Monroe, Washington : The information stored in the AFTS databases is limited to data necessary to fulfill utility billing and payment processing of paper check payments.
News URL
Related news
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)
- Toronto Zoo shares update on last year's ransomware attack (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks (source)
- US seizes domain of Garantex crypto exchange used by ransomware gangs (source)
- US seizes $23 million in crypto linked to LastPass breaches (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)