DriveSure Data Breach

DriveSure is known as a training platform in order to car dealers to build client loyalty. It has an incredible number of customers that subscribe to it is training and course material. They provide their titles, addresses, cell phone numbers and email messages to the site.

In 12 2020, DriveSure suffered an information breach which lead to 26GB of private information getting downloaded and distributed on a hacking forum. This included four. 6 mil unique emails, names, contact numbers and physical addresses. Car or truck information was also exposed including makes, models, VIN numbers and odometer readings.

The cyber-terrorist made the DriveSure info available for no cost on multiple hacking forums, so it was freely available to anyone. The attackers broke up with a 22GB folder which contained DriveSure’s MySQL databases, disclosing 91 very sensitive databases.

PII was as part of the dump, as well as damage says, extended car details and dealer and warranty info. These were all of the prime with respect to exploitation simply by other risk actors.

More than 93, 000 bcrypt hashed passwords were made public. Even though stronger than SHA1 and MD5, bcrypt passwords can easily still be brute-forced when downloaded from a server, Risk Based Secureness explained.

Using a poor password can allow an attacker of stealing important computer data from the server, so it may be important to improve them at the earliest opportunity. In addition , a fresh good idea to wipe hard drive on your desktop before getting rid of it to avoid any info from becoming accidentally or maliciously uncovered. You can do this simply using a data devastation software or making a fresh installation of the operating system.