DriveSure Data Breach

DriveSure is known as a training program in order to car dealers to build customer loyalty. It has scores of customers that subscribe to it is training and course material. They offer their names, addresses, contact numbers and emails to the internet site.

In Dec 2020, DriveSure suffered an information breach which triggered 26GB of personal information being downloaded and shared on a hacking forum. This included 4. 6 , 000, 000 unique emails, names, telephone numbers and physical addresses. Motor vehicle information was also subjected including makes, models, VIN numbers and odometer psychic readings.

The hackers made the DriveSure data available for no cost on multiple hacking message boards, so it was freely attainable to anyone. The attackers broke up with a 22GB folder which contained DriveSure’s MySQL databases, revealing 91 very sensitive databases.

PII was contained in the dump, along with damage cases, extended car details and dealer and warranty information. These were each and every one prime for the purpose of exploitation by other risk actors.

Above 93, 000 bcrypt hashed passwords were also made public. Although stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Secureness explained.

Developing a poor security password can allow an attacker of stealing visit this site right here your computer data from the server, so it has important to transformation them at the earliest opportunity. In addition , it’s a good idea to wipe hard drive on your computer before getting rid of it to avoid any data from getting accidentally or perhaps maliciously exposed. You can do this through a data destruction method or creating a fresh installation of the operating-system.

Leave a Reply

Your email address will not be published. Required fields are marked *