Vertafore, which creates software to help insurance carriers, said in a written statement Tuesday that three company files containing information from driver's licenses issued before February 2019 were "inadvertently stored in an unsecured external storage service," adding that they appeared "to have been accessed without authorization."
Files contained driver's license numbers, names, dates of birth, addresses and vehicle registration histories. But they did not have Social Security numbers or financial account information, according to the company.
"No information misuse has been identified," the company said. "No customer data nor any other data — including partner, vendor, or other supplier data —or systems hosted for them were impacted."
The company said it notified law enforcement after it identified the breach in mid-August, but were asked by officials to delay the announcement. The security breach was determined to have occurred sometime between March 11 and Aug. 1, the company said.
"Vertafore's notice was delayed at law enforcement's request. We sincerely regret any inconvenience this may cause," a company spokesman said in another written statement Friday.
In addition to federal law enforcement officials, the insurance software firm said it also notified the office of the Texas attorney general, Texas Department of Public Safety and the Texas Department of Motor Vehicles.
The Texas DMV website also states that Vertafore is assisting law enforcement in the investigation of the data breach.
The company said it hired an outside consultant to help investigate and manage the response to the data breach. It is offering anyone who may have been affected by the breach one year of free credit monitoring and identity restoration services. People can find out more about the services by calling 1-888-479-3560.
©2020 Austin American-Statesman, Distributed by Tribune Content Agency, LLC.