DriveSure Data Breach

DriveSure may be a training system in order to car dealers to build customer loyalty. It has millions of customers that subscribe to their training and course material. They supply their names, addresses, phone numbers and messages to the internet site.

In December 2020, DriveSure suffered an information breach which triggered 26GB of private information becoming redirected here downloaded and shared on a cracking forum. This included 4. 6 mil unique email addresses, names, telephone numbers and physical addresses. Automobile information was also open including makes, models, VIN numbers and odometer blood pressure measurements.

The cyber criminals made the DriveSure data available for absolutely free on multiple hacking discussion boards, so it was freely accessible to any individual. The attackers broke up with a 22GB folder which will contained DriveSure’s MySQL databases, revealing 91 very sensitive databases.

PII was within the dump, and also damage boasts, extended car details and dealer and warranty info. These were most prime with respect to exploitation simply by other menace actors.

Over 93, 1000 bcrypt hashed passwords were also made public. Though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Security explained.

Getting a poor password can allow an attacker to steal important computer data from the storage space, so it is very important to modification them immediately. In addition , it’s a good idea to wipe hard drive on your pc before getting rid of it to stop any info from being accidentally or perhaps maliciously open. You can do this through a data damage program or making a fresh installation of the operating-system.