COLUMBUS, Ohio — It's been a little over a month since a hacker group targeted the City of Columbus in a cyberattack, resulting in the information of hundreds of thousands of private citizens getting placed on the dark web.
Some of those citizens include anyone who swiped their driver's license at Columbus City Hall in the last 10 years.
Swiping your driver's license at government buildings like City Hall is not uncommon, according to C. Matthew Curtin, founder of InterHack Corp. in Columbus.
“Often they want to see your driver's license, scan your driver's license and a lot of times it's a matter of we want to know name of the person. Are you on the list of people who shouldn't have access to the facility that sort of thing. But the question is what's actually on your driver license?” said Curtin.
Curtin scanned a license in a demonstration to see what data was stored on the license.
When you apply for a driver’s license in Ohio, you give the BMV some personal information including your social security number. But that number is not on your ID physically.
“You’ll see name, date of birth, when the license was issued, when it expires. Your height, weight, eye color, hair color, where you were born and a bunch of other stuff. I don’t know what this stuff is,” said Curtin.
Curtin could not identify easily what some of the codes were.
Before 2002, your social security number was displayed on your Ohio driver license. But, it’s not anymore.
“Licenses do not have social security numbers print on them. When we see the data, we don’t see a social security number on there but there are other things. Not sure what they are but it could be your social security number. But, it's encoded some other way or a key into another SSN database that we don’t know,” said Curtin.
The BMV said it is not affected by the Columbus cyberattack. A spokesperson said although they have to collect your social security number, it is under a secure database.