DriveSure Data Break

DriveSure is a training program in order to car dealers to build client loyalty. It has lots of customers that subscribe to their training and course material. They give their brands, addresses, cell phone numbers and electronic mails to the site.

In January 2020, DriveSure suffered an information breach which lead to 26GB of personal information currently being downloaded and distributed on a cracking forum. This included three or more. 6 , 000, 000 unique emails, names, cell phone numbers and physical addresses. Car or truck information was also exposed including makes, models, VIN numbers and odometer blood pressure measurements.

The hackers made the DriveSure info available for free of charge on multiple hacking community forums, so it was freely accessible to any person. The attackers broke up with a 22GB folder which in turn contained DriveSure’s MySQL databases, exposing 91 delicate databases.

PII was included in the dump, as well as damage claims, extended car details and dealer and warranty data. These were every prime for the purpose of exploitation by other menace actors.

Above 93, 1000 bcrypt hashed passwords were made public. Even though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Reliability explained.

Working with a poor password can allow a great attacker to steal important computer data from the storage space, so it’s important to improve them immediately. In addition , a fresh good idea to wipe hard drive on your computer system before getting rid of it to avoid any data from currently being accidentally or maliciously uncovered. You can do this with a data break down application or creating a fresh installation of the operating-system.

Leave a Reply

Your email address will not be published. Required fields are marked *