An organized security exploit duped Texas’ Department of Public Safety into sending at least 3,000 driver’s licenses to a Chinese criminal group in New York that targeted Asians in the Lone Star State, officials announced on Monday.
The unidentified group did not hack any Texas government websites, the DPS said. Instead, they exploited existing security vulnerabilities in the state’s main portal, Texas.gov.
The agency said it became aware of the problem in December 2022 but did not notify affected Texans as they carried out investigations and arrests.
“We’re not happy at all, I can tell you that, one bit,” DPS Chief Steve McCraw told lawmakers on Monday, as per the Texas Tribune. “They should have had — controls should have been in place, and they never should have happened.”
McCraw described the culprit as “a Chinese organized crime group based in New York working in a number of different states.”
Their scheme allegedly involved pulling the personal data of Asian targets from the dark web, harnessing the data to answer password security questions on Texas.gov and then using stolen credit cards to order copies of active licenses, such as those that were reported missing or stolen.
While licenses are issued by DPS, they are ordered through a portal run by the Department of Information Resources. At least 4,000 fake accounts were created, while some 2,400 licenses were shipped to “third-party addresses,” the Dallas Morning News reported.
McCraw said the crime group targeted Asians from various backgrounds with the goal of finding similar names and “look-alikes,” supposedly to aid Chinese nationals who are living in the U.S. illegally.
More potential cases are under investigation. State Rep. Mary González (D-El Paso) criticized DPS officials for allowing so much time to pass while Texans were unaware that their identities had been stolen.
“Somebody could be going around as Mary González right now for two months, and nobody’s…
Read the full article here
