DriveSure Data Break

DriveSure is a training system that helps car dealerships to build client loyalty. It has many customers that subscribe to the training and course material. They provide their names, addresses, cell phone numbers and electronic mails to the web page.

In 12 , 2020, DriveSure suffered a data breach which triggered 26GB of personal information being downloaded and shared on a hacking forum. This kind of included 3. 6 mil unique email addresses, names, telephone numbers and physical addresses. Auto information was also exposed including makes, models, VIN numbers and odometer readings.

The online hackers made the DriveSure info available for cost-free on multiple hacking discussion boards, so it was freely accessible to any individual. The attackers left a 22GB folder which in turn contained DriveSure’s MySQL databases, subjecting 91 delicate databases.

PII was included in the dump, and damage cases, extended car details and dealer and warranty info. These were almost all prime pertaining to exploitation simply by other hazard actors.

Above 93, 000 bcrypt hashed passwords were made public. Even though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Reliability explained.

Having a poor password can allow a great attacker of stealing your computer data from the server, so it has important to modify them immediately. In addition , the new good idea to wipe the hard drive on your hard drive before disposing of it to stop any info from becoming accidentally or maliciously uncovered. You can do this employing a data break down course or creating a fresh installation of the operating system.

Leave a Comment

Your email address will not be published. Required fields are marked *