DriveSure Data Break

DriveSure can be described as training program that helps car dealerships to build client loyalty. It has countless customers that subscribe to their training and course material. They supply their names, addresses, telephone numbers and emails to the site.

In Dec 2020, DriveSure suffered an information breach which ended in 26GB of personal information currently being downloaded and shared on a hacking forum. This included several. 6 mil unique email addresses, names, telephone numbers and physical addresses. Car information was also uncovered including makes, models, VIN numbers and odometer readings.

The hackers made the DriveSure data available for totally free on multiple hacking message boards, so it was freely accessible to anyone. The attackers left a 22GB folder which will contained DriveSure’s MySQL databases, revealing 91 hypersensitive databases.

PII was within the dump, and damage statements, extended car details and dealer and warranty data. These were almost all prime meant for exploitation by simply other danger actors.

More than 93, 000 bcrypt hashed passwords were also made public. Even though stronger than SHA1 and MD5, bcrypt passwords can easily still be brute-forced when downloaded from a server, Risk Based Reliability explained.

Developing a poor username and password can allow a great attacker to steal your data from the storage space, so is considered important to switch them as quickly as possible. In addition , the new good idea to wipe the hard drive on your hard drive before disposing of it to stop any data from being accidentally or perhaps maliciously uncovered. You can do this by using a data damage plan or making a fresh installation of the operating system.

About the Author

Leave a Reply