DriveSure Data Breach

DriveSure may be a training program in order to car dealerships to build buyer loyalty. It has millions of customers that subscribe to its training and course material. They give their titles, addresses, cell phone numbers and electronic mails to the site.

In December 2020, DriveSure suffered an information breach which lead to 26GB of private information becoming downloaded and shared on a cracking forum. This kind of included three or more. 6 , 000, 000 unique emails, names, contact numbers and physical addresses. Auto information was also open including makes, models, VIN numbers and odometer psychic readings.

The cyber criminals made the DriveSure data available for free on multiple hacking discussion boards, so it was freely available to anyone. The attackers left a 22GB folder which in turn contained DriveSure’s MySQL databases, subjecting 91 sensitive databases.

PII was within the dump, and also damage boasts, extended car details and dealer and warranty info. These were almost all prime to get exploitation simply by other threat actors.

More than 93, 1000 bcrypt hashed passwords were also made public. Though stronger than SHA1 and MD5, bcrypt passwords could be brute-forced when downloaded from a server, Risk Based Secureness explained.

Developing a poor username and password can allow a great attacker of stealing your details from the storage space, so is considered important to improve them as quickly as possible. In addition , it’s a good idea to wipe the hard drive on your computer system before disposing of it to prevent any info from getting accidentally or perhaps maliciously revealed. You can do this employing a data destruction plan or making a fresh installing of the main system.

Leave a Reply

Your email address will not be published. Required fields are marked *