Texas Drivers’ Licenses on the Dark Web
By: M20 Associates Subject Matter Experts
Earlier this year, a couple of data breaches took place in Texas law enforcement databases. A source with firsthand access to the information discovered Texas Drivers’ Licenses, along with associated dates of birth, on the Dark Web.
In June 2020, hundreds of thousands of potentially sensitive files (270 Gigabytes) from multiple police departments (to include intelligence and fusion centers) across the United States were leaked on-line. The searchable collection, known as “Blue Leaks,” was from Netsential, a Houston, Texas web design and hosting company who maintained a number of state law enforcement data-sharing portals. The collection was released by Distributed Denial of Secrets (DDoSecrets), which is an alternative to Wikileaks.
The National Fusion Center Association (NFCA) confirmed the leaks, which included data that spanned 24 years (from 1996 to 2020). The documents included names, email addresses, and phone numbers, at a minimum.
The NFCA assessed in June that cyber threat actors and criminals might seek to exploit the data centers and associated agencies and their personnel in various cyber-attacks and campaigns. It is expected that with many breaches, notification to the victim will be delayed.
There is a high likelihood that license information, even from simple traffic stops where no citations were issued, was compromised. In some instances, a picture is taken, and these were also likely compromised. In addition, it is unknown what the police departments’ retention policies are, so it is uncertain how far back their data repositories go.
In May, a new ransomware known as Ransom X successfully targeted the Texas Courts and Texas Department of Transportation. It is likely that the ransomware laterally moved across multiple state networks, to include the Texas Department of Public Safety (In 2019, approximately 23 Texas towns were targeted with ransomware (assessed as REvil/Sodinokibi)).