TxDOT discovered the breach on May 12. A subsequent review found that a single user account had been compromised and used to improperly access a large number of crash reports.
The department is notifying impacted individuals via notification letters. Personal data stored in the downloaded crash records included first and last names, addresses, driver's license numbers, license plate numbers, car insurance policy numbers and other related information.
Officials are also implementing additional security protocols to help guard against future incidents, although details about those enhancements were not disclosed.
The breach was announced just days after Gov. Greg Abbott signedthe Texas Cyber Command bill into law, approving $135 million in funding for the creation of what could become the largest state-based cybersecurity department in the U.S.
This story first appeared in Industry Insider — Texas, part of e.Republic, Government Technology's parent company.
