DriveSure Data Break

DriveSure can be described as training system that helps car dealerships to build consumer loyalty. It has numerous customers that subscribe to it is training and course material. They provide their brands, addresses, cell phone numbers and electronic mails to the internet site.

In 12 , 2020, DriveSure suffered an information breach which lead to 26GB of private information staying downloaded and distributed on a cracking forum. This kind of included 3 or more. 6 mil unique email addresses, names, phone numbers and physical addresses. Vehicle information was also uncovered including makes, models, VIN numbers and odometer readings.

The online hackers made the DriveSure data available for free of charge on multiple hacking discussion boards, so it was freely accessible to any person. The attackers dumped a 22GB folder which in turn contained DriveSure’s MySQL databases, revealing 91 sensitive databases.

PII was contained in the dump, along with damage statements, extended car details and dealer and warranty facts. These were almost all prime just for exploitation by simply other menace actors.

Over 93, 000 bcrypt hashed passwords were also made public. Although stronger than SHA1 and MD5, bcrypt passwords can easily still be brute-forced when downloaded from a server, Risk Based Protection explained.

Using a poor password can allow a great attacker of stealing your data from the storage space, so it’s important to modification them immediately. In addition , it’s a good idea to wipe the hard drive on your computer before disposing of it to avoid any data from currently being accidentally or perhaps maliciously revealed. You can do this through a data devastation plan or setting up a fresh installation of the os.

Leave a Comment

Your email address will not be published.