DriveSure Data Breach

DriveSure is known as a training platform that helps car stores to build buyer loyalty. It has a lot of customers that subscribe to the training and course material. They give their labels, addresses, cell phone numbers and e-mail to the internet site.

In 12 , 2020, DriveSure suffered an information breach which ended in 26GB of personal information getting downloaded and distributed on a cracking forum. This kind of included 3. 6 mil unique email addresses, names, phone numbers and physical addresses. Automobile information was also uncovered including makes, models, VIN numbers and odometer psychic readings.

The online hackers made the DriveSure data available for free on multiple hacking community forums, so it was freely available to any person. The attackers dumped a 22GB folder which will contained DriveSure’s MySQL databases, exposing 91 delicate databases.

PII was within the dump, and also damage boasts, extended car details and dealer and warranty information. These were most prime with respect to exploitation by simply other danger actors.

Over 93, 500 bcrypt hashed passwords were made public. Even though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Secureness explained.

Possessing poor password can allow a great attacker of stealing important computer data from the web server, so it may be important to alter them as soon as possible. In addition , it’s a good idea to wipe hard drive on your computer system before disposing of it to stop any info from getting accidentally or maliciously exposed. You can do this through a data break down software or building a fresh installing of the os.

Leave a Comment

Your email address will not be published. Required fields are marked *