Breach Brief – Texas DMV, PlutoTV, Verizon

Published On December 10, 2020 | By Tom Huskerson | Breach Briefs, News and Analysis

Texas drivers should be aware of this data breach. Blamed on “human error” the breach exposed the personal information of 27.7 million Texas drivers. Vertafore, a data company, leaked the files containing personal information such as driver’s license numbers, names and addresses, and vehicle registration history. Anyone issued a Texas driver’s license prior to February 2019 could be impacted.

The Texas Department of Motor Vehicles and Department of Public Safety granted Vertafore access to the state files for certain usages but they weren’t supposed to be online.

Whoever stole the data does not have financial information or Social Security numbers. However, they did get addresses, driver’s license data, DMV information, vehicle identification numbers and where your car is financed. Keep in mind this information is still very sensitive. For example, if a hacker knows where you financed your car then they can guess that you probably do your banking there as well.

State officials say they’re looking into the massive data breach along with law enforcement including the FBI.

Vertafore says they’re offering free credit monitoring for a year for drivers who may have had their personal information exposed.

Pluto TV

Viewers of Pluto TV may or may not know that the company was hacked. You have to ask.

According to news reports amateur hackers are trading a database of Pluto TV users information stolen from the company. But Pluto TV has decided not to inform its customers of the breach.

Pluto TV is free to use and has 28.4 million users. Its Android app has been downloaded over 10 million times, according to the app’s Google Play Store page.

The data breach reportedly impacts 3.2 million Pluto TV accounts. A sample of the data shared by a hacker contains display names, email addresses, date of birth, device platform, IP address, and hashed password. The passwords are hashed with a robust bcrypt algorithm, meaning that hackers are generally unlikely to be able to crack them and obtain users’ actual passwords. The data appears to be two years old.

Pluto TV told Motherboard.com that the company would only communicate information about the breach with users who inquire.

A statement from Pluto TV read, “While this matter remains under investigation, no new or additional information has been presented that differs from what’s been reported to-date. As we continue to investigate this matter, we are communicating with users who have reached out to us directly to address any questions or concerns.”

So some of the 3.2 million Pluto TV account holders maybe completely unaware of the data breach. So if they don’t know the company does not have to be bothered with them seems to be the logic here.

Troy Hunt, maintainer of breach notification service Have I Been Pwned?, told Motherboard in an online chat that Pluto TV’s “reasoning is completely nonsensical and inconsistent with people’s expectations. The exposure of an email address alone should result in notifications being sent, but passwords as well—even if hashed with bcrypt which can still be cracked, especially for weak passwords—should absolutely require notifications to be sent.”

Verizon

It appears that Verizon has sprung a data leak and is struggling to fix it. The company is trying repair a glitch that is been leaking customer’s addresses, phone numbers, account numbers, and other personal information through a chat system that helps prospective subscribers figure out if FiOS internet services are available in their area.

Customer’s personal details appear when people click on a link to chat with a Verizon representative. The user sees transcripts of conversations conducted by other customers and potential customers. The transcripts reveal full names, addresses, phone numbers, account numbers, and various other information. All the user has to do it open a chat window and there it is. Some of the transcripts date back to June. A separate Window included customers’ addresses, although it wasn’t clear who those addresses belonged to.

Ars discovered the data leak and alerted Verizon representatives immediately. Verizon’s plan was to report the leak only after it had been repaired. It’s not clear when Verizon began leaking the data. With some of the chats dating back to June, it’s possible that the leak has been occurring for months.

Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. Tom attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has also written both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and EbonyCandle.com. Tom is not the chief editor for the OnTechStreet. com. A news and information blog that focuses on tech news for African-Americans. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Comments are closed.