The credit cards were used by people to pay for the services provided by DMV. The online portal was somehow breached and the person behind the attack was able to make away with the credit card number, security code and expiration date of a large number of cards.
The credit card data that was compromised in the breach ranged from Aug 2, 2013 to Jan 31, 2014. This means that the total count for the compromised credit cards is going to be huge. As soon as the breach was discovered, MasterCard sent out an alert to a number of banks regarding it.
California DMV has also released a statement which reveals few details of the episode. According to this statement, “The Department of Motor Vehicles has been alerted by law enforcement authorities to a potential security issue within its credit card processing services. There is no evidence at this time of a direct breach of the DMV’s computer system. However, out of an abundance of caution and in the interest of protecting the sensitive information of California drivers, the DMV has opened an investigation into any potential security breach in conjunction with state and federal law enforcement.”
The statement further reads, “In its investigation, the department is performing a forensic review of its systems and seeking information regarding any potential breach from both the external vendor that processes the DMV’s credit card transactions and the credit card companies themselves.”