DMV Investigating Possible Credit-Card Data Breach

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

The California Department of Motor Vehicles on Saturday said it has opened an investigation after being alerted by authorities to a potential security issue within its credit-card processing services.

“There is no evidence at this time of a direct breach of the DMV’s computer system,” Armando Botelo, spokesman for the agency, said in a statement. However, the investigation was initiated “out of an abundance of caution and in the interest of protecting the sensitive information of California drivers,” he said.

The statement was released after the online security blogger Brian KrebsĀ reported that multiple banks had received alerts from Mastercard “about compromised cards that all had been previously used online at the California DMV.”

Krebs’ blog,, was first to report a similar incident involving Target last December.

In a blog post on Saturday, Krebs reported that, according to the Mastercard alert, the potentially compromised transactions at the DMV “extended from Aug. 2, 2013 to Jan. 31, 2014, and that the data stolen included the card number, expiration date, and three-digit security code printed on the back of cards.”


The California Department of Motor Vehicles is investigating a potential security breach involving online credit-card transactions, officials said. (Credit: KTLA)

As part of its probe, the DMV is performing a forensic review of its system and seeking information regarding any possible breach from both the external vendor that processes the department’s credit card transactions and the credit card companies themselves, according to Botelo.

The DMV said it has also implemented heightened monitoring of all of its website traffic and credit-card transactions, and that it will notify affected customers if any issue is discovered.

Meanwhile, California drivers were encouraged to closely monitor their credit card statements for fraudulent or unusual activity and report it to their credit card company immediately.

A “DMV Identity Fraud Factsheet” is available on the agency’s website,

DMV offices will continue to accept cash, checks and money orders in person, Botelo said.

Notice: you are using an outdated browser. Microsoft does not recommend using IE as your default browser. Some features on this website, like video and images, might not work properly. For the best experience, please upgrade your browser.