Another Massive Data Breach Exposed Millions of Driver's License Numbers
A massive data breach has exposed millions of driver's license numbers across multiple states, raising serious identity theft concerns.
Aditya Raj
July 5, 2026 · 2 min read
A data breach at a third-party identity verification service exposed over 12 million driver's license records across California, Texas, Florida, and New York, with stolen data including names, addresses, and license numbers.
A massive data breach has compromised millions of driver's license numbers across multiple US states, security researchers have confirmed. The breach, which appears to have originated from a third-party identity verification service used by several state DMVs, has exposed highly sensitive personal information.
The exposed data includes full names, addresses, dates of birth, and driver's license numbers, creating a perfect storm for identity theft and fraud. Security firm Mandiant, which conducted the forensic investigation, reported that the attackers exploited a vulnerability in the verification service's API to exfiltrate data over several months.
Warning
If you hold a driver's license in an affected state, monitor your credit reports and consider placing a fraud alert on your files immediately. Free credit freezes are available through all three major credit bureaus.
The affected states include California, Texas, Florida, and New York, with preliminary estimates suggesting over 12 million records were stolen. State DMV officials have begun notifying affected residents by mail and are offering free credit monitoring services for two years.
Law enforcement agencies, including the FBI and CISA, are investigating the breach. Cybersecurity experts warn that driver's license numbers are particularly valuable on the dark web because they can be used to open bank accounts, apply for loans, and even obtain fraudulent passports.
Key Takeaways
- 1 Over 12 million driver's license records were stolen from a third-party DMV verification service
- 2 Affected states include California, Texas, Florida, and New York
- 3 The breach went undetected for months via an exploited API vulnerability
- 4 Driver's license numbers are high-value targets for identity theft on the dark web
- 5 Free credit monitoring is being offered to affected residents
Frequently Asked Questions
How were the driver's license numbers stolen?
Attackers exploited a vulnerability in a third-party identity verification service's API used by multiple state DMVs to exfiltrate data over several months.
What should I do if I think my data was exposed?
Monitor your credit reports, place fraud alerts with credit bureaus, and consider a credit freeze. Contact your state DMV to see if you are eligible for free credit monitoring.
How many states were affected by this breach?
Four major states are confirmed affected so far: California, Texas, Florida, and New York, with an estimated 12 million records compromised.
TOPICS
Stay Ahead with TECHRADAR360
Get the latest tech news delivered to your inbox every morning.