AFTS breach compromises US government agencies

What is AFTS?

AFTS is a payment processing platform, which allows for secure money transfers and address verification. As such, it handles sensitive data like credit card information and home addresses, among other things.

That alone would make it a tempting target for hackers, but AFTS is also used by many US government agencies, especially at the state level. California’s DMV, for example, used it to verify changes of address. With more than 35 million vehicles registered to the DMV alone, it's clear that any attack against AFTS could have far-reaching effects for citizens across the US.

What do we know so far?

The situation is still developing, but here’s what we know so far. In early February 2021, a cybercriminal organization known as “Cuba” attacked AFTS and infected their systems with malware. They gained access to huge amounts of user data and caused massive disruption, taking the AFTS website offline.

Having infected AFTS’s systems with malware, they demanded a ransom for the stolen data. The problem with ransom situations like this, however, is that there can be no guarantee that the data will be returned even after the money is paid. Once they’ve extracted the ransom, hackers like the Cuba collective can then increase their profits by selling the information to other cybercriminals.

All of this is bad enough, but the real impact of the attack can only be understood if we look at the many state agencies that may now be compromised as well. A perfect example of this is the California Department of Motor Vehicles, or DMV.

The California DMV breach

California’s DMV is just one of many agencies impacted by the AFTS breach, but it’s a prime example of the problems local government bodies now face.

By attacking AFTS, Cuba hackers may have gained access to 20 months of vehicle registration records in California. That means they can now match license plate numbers and vehicle identification numbers with names and home addresses.

While the DMV has stated that the most sensitive information — including social security numbers and license details — was not accessed, the damage still looks serious. Worst of all, we may not know the full extent of the fallout for months to come.

Can governments be trusted with your data?

The AFTS breach raises fresh questions about our government’s capacity to protect the private data of its citizens. Even when government agencies use adequate security measures, outsourcing some services to private companies can still open the door to hackers.

This incident comes hot on the heels of the SolarWinds hack, another massive breach which originated with a third-party organization. And this will not be the last time a story like this breaks, as governments continue to wrestle with the twin threats of cybercrime and international cyber espionage.

Government agencies in the US and beyond need to urgently reevaluate their reliance on private companies to build their software infrastructure. At the very least, the standards to which they hold their private-sector partners have to be higher.

What can you do to protect yourself?

While government bodies reel from the shock of the AFTS attack, there are still some steps you can take personally to protect your own data, and limit the fallout of this breach.

• Change your passwords. Your passwords are the keys to your private information. If a company you interact with is breached, make sure to change any associated login information as soon as possible. It’s also vital that you don’t use the same password for multiple accounts, as this can allow a single breach to spread rapidly to other platforms.
• Manage your digital footprint. It’s important to control and limit the amount of data that you leave online; the information companies store about you is a huge part of your digital footprint. Make sure to delete old accounts if you no longer use them. Contact companies directly to ask them to remove their records of you. And always change and modify security settings wherever possible on social media and other sites.
• Improve your own security practices. If hackers have stolen your information in a data breach, they may be able to launch phishing attacks against you or your contacts. For that reason, it’s important to raise your own security standards. Be wary of any unexpected email links, encrypt your data with a VPN, and monitor your online accounts for unusual activity.

Want to read more like this?

Get the latest news and tips from NordVPN

Subscribe

Subscribe

You've successfully subscribed to our newsletter!

Email is invalid

Subscribe

We won't spam and you will always be able to unsubscribe