LOS ANGELES (Reuters) - The California Department of Motor Vehicles has opened an investigation into a possible security breach of its credit card processing services, a spokesman for the agency said.
“The Department of Motor Vehicles has been alerted by law enforcement authorities to a potential security issue within its credit card processing services,” Armando Botello, a spokesman for the agency, said in a statement.
He added that the agency has opened an investigation “out of an abundance of caution” along with federal and state law enforcement agencies.
The blog Krebs on Security first reported the suspected data breach, citing unnamed sources at financial institutions. It said the potentially compromised transactions occurred between August 2 and January 31 and the data that may have been stolen could include credit card numbers, expiration dates and three-digit security codes.
The DMV allows clients to pay by credit card in online transactions and at self-service terminals at some locations, for transactions such as renewing driver’s licenses and vehicle registrations, Botello said in a phone interview.
He declined to release other details about the potential breach, including the time frame when it might have occurred.
Representatives from MasterCard Inc and Visa Inc could not immediately be reached for comment.
MasterCard spokesman Seith Eisen told the Los Angeles Times the credit card company is “aware of and investigating” reports of a potential breach involving the California DMV.
Botello, in his written statement, said there is no evidence of a direct breach of the DMV’s computer system.
“In its investigation, the department is performing a forensic review of its systems and seeking information regarding any potential breach from both the external vendor that processes the DMV’s credit card transactions and the credit card companies themselves,” the statement said.
Reporting by Alex Dobuzinskis; Editing by Eric Walsh