Saturday, March 12, 2005

Company bidding on TX drivers license contract has data stolen from Nevada DMV

Digimarc, one of two companies that have bid on Texas' drivers license re-engineering project, was responsible for failing to encrypt data on thousands of drivers that was stolen from the Nevada Department of Motor Vehicles last week, according to an Associated Press story.
Personal information from more than 8,900 people was stolen when thieves broke into a Nevada Department of Motor Vehicles office, officials said Friday.

A computer taken during the break-in contained names, ages, dates of birth, Social Security numbers, photographs and signatures of southern Nevada residents who obtained driver's licenses between Nov. 25 and March 4 at the North Las Vegas office, state DMV chief Ginny Lewis said.

The DMV had previously maintained that the information on the computer stolen in Monday's break-in was encrypted, making it virtually useless to thieves.

But Lewis said Friday that Digimarc Corp., the Beaverton, Ore.,-based company that provides digital driver's licenses in Nevada, told her Thursday the information was not encrypted, and was readily accessible.

Miz Nakajima, Digimarc spokeswoman, said Friday she could not comment on specifics about state DMV customers or the Nevada theft. The publicly traded company provides a service Nakajima called "digital watermarking" to motor vehicle departments in 34 states and the District of Columbia.

All 21 Nevada DMV licensing stations were ordered by the end of the day Friday to remove personal information from computers to prevent a recurrence, Lewis said.

That's bad enough. Imagine if thieves also were able to steal people's biometric data. After all, to a computer, that information is just ones and zeros, no different from somebody's social security number. With biometrics now used for everything from computer passwords to restricting entry to top-secret government facilities, a similar theft involving biometrics could have profound, long-term consequences. After all, even people with government security clearances also have state drivers licenses.

We're going to hear a lot about how secure these systems are and how we should trust the companies to protect Texans' data. Nevadans trusted them, and look where it got them.

No comments: