Thousands of credit card numbers have once again fallen into the wrong hands. The California Department of Motor Vehicles (DMV) appears to be the latest target of a credit card breach, according to a report out today from security blogger Brian Krebs. MasterCard has confirmed that it has warned a number of banks about fraudulent charges on cards that have one thing in common: the accounts were all previously used for purchases at the DMV. If you used your card for a DMV charge form August 2nd, 2013 to January 31st of this year, your number might be in danger.
The nature of the attack isn't yet clear, but Krebs' sources say that the internal MasterCard notice says that credit card numbers, expiration dates, and three-digit verification codes were compromised. It's not yet known if other sensitive information in the DMV's systems, like driver's license numbers, addresses, phone numbers, and social security numbers were also breached. In addition, the scope of the attack is unknown. If all transactions from that six-month time period were compromised, this could be a major attack affecting millions of charges. In 2012, the California DMV reported that it conducted 11.9 million online transactions.
The news comes just months after one of the largest breaches in history rocked Target, which affected millions who shopped at the big box store. In the wake of that breach, credit card issuers and retailers are working to transition the US over to safer "chip-and-signature" and "chip-and-PIN" cards. If the California DMV attack involves online transactions, the latter could have helped prevent hackers from gaining useful information.