[BreachExchange] NCDMV's Raleigh office discloses possible information breach for 24, 000 customers

Audrey McNeil audrey at riskbasedsecurity.com
Tue Apr 4 20:28:11 EDT 2017 

http://www.bizjournals.com/triangle/news/2017/04/04/dmv-
raleigh-office-discloses-information-breach.html

Boxes containing the personal information of North Carolina drivers were
erroneously disposed – potentially putting names, addresses and even social
security numbers in danger of being compromised.

That’s according to the North Carolina Division of Motor Vehicles, which
sent out notice Tuesday that as many as 24,000 customers’ information had
potentially been disclosed.

According to NCDMV, boxes containing forms with personal information were
inadvertently discarded as regular trash – without going through the
shredder, which is protocol.

An “equipment issue” caused NCDMV personnel to stack the papers into boxes
for later disposal. But a cleaning crew “mistakenly” collected them and
disposed of them as regular trash. It all happened at the North Raleigh
Driver License Office on Spring Forest Road.

The potential disclosure involves records collected between Sept. 1, 2016
and March 7, 2017.

An investigation has confirmed the involvement of 391 forms that might have
contained social security numbers, and another 23,000 forms that might have
contained names, addresses and dates of birth.

According to the DMV, letters notifying affected customers are being mailed
out this week, advising them to check credit reports. The incident has been
reported to the N.C. Attorney General’s Consumer Protection Division.

David Howard, deputy secretary of NCDOT, said the incident was discovered
March 8 and reported to the commission March 14.

The faulty equipment has been replaced, which means daily shredding of
documents has resumed. Additionally, staff has been retrained on document
disposal and storage.

DMV is also planning disciplinary action against the manager of the local
office, according to a prepared statement. Howard would not be specific
about what action has been taken.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170404/c2f776db/attachment.html>

More information about the BreachExchange mailing list