Colorado DMV fails to encrypt sensitive data

Posted by Caitlin on July 10th, 2008

By transmitting sensitive data without encryption, the Division of Motor Vehicles puts 3.4 million Coloradans at risk of identity theft. According to a recent audit, the DMV has failed to to effectively limit access to its database. More than a year after their departure, former employees could still access names, addresses, dates of birth and Social Security numbers. Auditors said the DMV's system for handling data was "fragmented, disorganized and poorly planned," but the state has no money budgeted for updating the system. The division does hide the last four digits of Social Security numbers before they're transmitted, and plans to encrypt all transmitted information within a year.

Colorado ranks eighth in the nation in identity-theft complaints per person and first in the nation in general fraud reports. If you are concerned about identity theft, consider an identity theft protection service.

• Data Breach Alert: Stolen laptop leaves thousands of Connecticut State students exposed
• Data Breach Alert: Western Carolina University exposes hundreds of social security numbers
• Data Breach Alert: City website exposes firefighters personal information
• Data Breach Alert: Registration website exposes presidential primary voters to identity theft
• 25 million identities left unprotected in the UK