AFTS breach compromises US government agencies

Can you trust your government to protect your data? If you live in the US, the answer might be no. Automatic Funds Transfer Services (AFTS), a payment service used by multiple state agencies across the US, is facing a major data breach. So how did the AFTS breach happen? What can you do to protect yourself? And what happens next?


AFTS is a payment processing platform, which allows for secure money transfers and address verification. As such, it handles sensitive data like credit card information and home addresses, among other things.

That alone would make it a tempting target for hackers, but AFTS is also used by many US government agencies, especially at the state level. California’s DMV, for example, used it to verify changes of address. With more than 35 million vehicles registered to the DMV alone, it’s clear that any attack against AFTS could have far-reaching effects for citizens across the US.


The situation is still developing, but here’s what we know so far. In early February 2021, a cybercriminal organization known as “Cuba” attacked AFTS and infected their systems with malware. They gained access to huge amounts of user data and caused massive disruption, taking the AFTS website offline.

Having infected AFTS’s systems with malware, they demanded a ransom for the stolen data. The problem with ransom situations like this, however, is that there can be no guarantee that the data will be returned even after the money is paid. Once they’ve extracted the ransom, hackers like the Cuba collective can then increase their profits by selling the information to other cybercriminals.

All of this is bad enough, but the real impact of the attack can only be understood if we look at the many state agencies that may now be compromised as well. A perfect example of this is the California Department of Motor Vehicles, or DMV.


California’s DMV is just one of many agencies impacted by the AFTS breach, but it’s a prime example of the problems local government bodies now face.

By attacking AFTS, Cuba hackers may have gained access to 20 months of vehicle registration records in California. That means they can now match license plate numbers and vehicle identification numbers with names and home addresses.

While the DMV has stated that the most sensitive information — including social security numbers and license details — was not accessed, the damage still looks serious. Worst of all, we may not know the full extent of the fallout for months to come.


The AFTS breach raises fresh questions about our government’s capacity to protect the private data of its citizens. Even when government agencies use adequate security measures, outsourcing some services to private companies can still open the door to hackers.

This incident comes hot on the heels of the SolarWinds hack, another massive breach which originated with a third-party organization. And this will not be the last time a story like this breaks, as governments continue to wrestle with the twin threats of cybercrime and international cyber espionage.

Government agencies in the US and beyond need to urgently reevaluate their reliance on private companies to build their software infrastructure. At the very least, the standards to which they hold their private-sector partners have to be higher.


While government bodies reel from the shock of the AFTS attack, there are still some steps you can take personally to protect your own data, and limit the fallout of this breach.

Change your passwords. Your passwords are the keys to your private information. If a company you interact with is breached, make sure to change any associated login information as soon as possible. It’s also vital that you don’t use the same password for multiple accounts, as this can allow a single breach to spread rapidly to other platforms.

Manage your digital footprint. It’s important to control and limit the amount of data that you leave online; the information companies store about you is a huge part of your digital footprint. Make sure to delete old accounts if you no longer use them. Contact companies directly to ask them to remove their records of you. And always change and modify security settings wherever possible on social media and other sites.

Improve your own security practices. If hackers have stolen your information in a data breach, they may be able to launch phishing attacks against you or your contacts. For that reason, it’s important to raise your own security standards. Be wary of any unexpected email links, encrypt your data with a VPN, and monitor your online accounts for unusual activity.


