DMV reveals data breach discovered in March
A Utah Division of Motor Vehicles employee was fired in March after the agency discovered she allegedly gave out people's personal information.
In response to a Salt Lake Tribune inquiry, DMV spokesman Charlie Roberts confirmed that the agency first learned from the Salt Lake City Fire Department in mid-March that the employee, who was not immediately identified, had allegedly released Utahns' confidential information taken from DMV databases.
"Once we had a sworn statement from the [fire department] that [the employee] had confessed to releasing confidential information, we contacted the employee," Roberts said. She was terminated March 11. She was a customer service clerk who had been with the division about 14 years, but Roberts was not sure how long the alleged data breach had been going on or how many people would have been affected.
The matter is an administrative one for the DMV and it isn't their policy to make a public announcement about such a compromise of information, Roberts said.
The DMV has 2.5 million records, but the extent of that personal information is limited to what's on your car registration, Roberts said. That means Social Security numbers and dates of birth were safe, he added.
Investigators took the woman's work hard drive, computer, printer and anything that might have data on it that a forensics lab can investigate, Roberts said.
The DMV is upgrading its software security. Roberts said they started that update before they knew of the breach, and expect the new system to be online by October.
The fire marshal could not be reached Wednesday night.