ACSC Data Breach Exposes Driver's Licenses

On March 9, 2026, the Automobile Club of Southern California (ACSC) reported a data breach that stemmed from a security incident experienced by their third-party vendor DanubeNet Inc., also known as Driving School Solutions (DSS).

The types of consumer information exposed in this breach include personally identifiable information such as names and driver’s permit or license numbers.

The breach occurred when DSS, which provides services related to driver education, experienced a compromise of its systems. While the exact method of intrusion was not detailed in the disclosure, ACSC’s contract with DSS required the vendor to use appropriate security measures.

After learning of the incident, ACSC worked closely with DSS to investigate the cause and ensure corrective actions were taken. DSS has since implemented additional security protocols to prevent similar incidents in the future.

According to the Massachusetts Office of Consumer Affairs and Business Regulation disclosure, the incident has so far affected six Massachusetts residents.

ACSC's response

To help protect affected individuals, ACSC arranged for a complimentary two-year membership of credit monitoring and identity protection services through Epiq. This service includes credit monitoring with alerts, annual credit reports and scores, dark web monitoring, $1 million in identity theft insurance, lost wallet assistance, and identity restoration services.

Affected individuals are encouraged to activate their complimentary membership with Epiq as soon as possible. Enrollment instructions were provided in the notification letter, and activation will not impact credit scores.

ACSC also recommends that all individuals remain vigilant by reviewing account statements and credit reports for unauthorized activity. Free annual credit reports can be obtained from Equifax, Experian, and TransUnion.

If any suspicious activity is detected, individuals should contact the Federal Trade Commission, their state attorney general, and local law enforcement.

Additionally, ACSC provided guidance on placing fraud alerts and security freezes with credit bureaus to further safeguard personal information. These steps are particularly important given the nature of the information exposed, as driver’s license numbers can be used in identity theft schemes.