DriveSure Data Break

DriveSure can be described as training platform in order to car dealerships to build buyer loyalty. It has scores of customers that subscribe to their training and course material. They supply their names, addresses, telephone numbers and email messages to the web page.

In January 2020, DriveSure suffered an information breach which led to 26GB of private information becoming downloaded and shared on a cracking forum. This kind of included 3. 6 , 000, 000 unique email addresses, names, telephone numbers and physical addresses. Vehicle information was also open including makes, models, VIN numbers and odometer psychic readings.

The hackers made the DriveSure data available for no cost on multiple hacking community forums, so it was freely accessible to any person. The attackers dumped a 22GB folder which in turn contained DriveSure’s MySQL databases, revealing 91 delicate databases.

PII was included in the dump, as well as damage remarks, extended car details and dealer and warranty info. These were pretty much all prime for exploitation by other menace actors.

Above 93, 000 bcrypt hashed passwords were also made public. Though stronger than SHA1 and MD5, bcrypt passwords could be brute-forced when downloaded from a server, Risk Based Security explained.

Getting a poor password can allow a great attacker of stealing important computer data from the machine, so it’s important to change them as quickly as possible. In addition , it’s a good idea to wipe hard drive on your computer system before getting rid of it to stop any info from currently being accidentally or perhaps maliciously revealed. You can do this employing a data damage plan or setting up a fresh installing of the operating-system.

Write a comment