It looks like it was not California DMV per se, but their online credit card processing firm, an operation in Georgia. Compromised information, aside from the card and expiration info, includes the CVV2 three-digit number on the back of the cards, so it'll be easy to clone cards from that.
Interestingly, it was only online customers that were affected, sort of the inverse of the Target breech. Face-to-face CA DMV doesn't accept credit cards.
http://krebsonsecurity.com/2014/03/sources-credit-card-breach-at-california-dmv/My bank account information was stolen once back in 2010 or so. I was in Phoenix, spending a few days before going to a trade show in Las Vegas, when I saw an $80 transaction at a truck stop in North Carolina. I called my bank and they killed my card, eventually refunding the money. The problem was that they would only send a new card to my account's address or one of their branches, and I wasn't going to drive 1,000 miles round-trip to pick up a card, fortunately they had an office in Phoenix some 20 miles from my parent's and I was able to get a replacement card sent there, picking it up on the day that I left for Vegas.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
