DriveSure Data Infringement

DriveSure Data Infringement

On March 8, 2023, Posted by , In Uncategorized, With No Comments

DriveSure is known as a training platform in order to car dealerships to build client loyalty. It has lots of customers that subscribe to its training and course material. They offer their names, addresses, phone numbers and messages to the site.

In 12 , 2020, DriveSure suffered a data breach which triggered 26GB of private information simply being downloaded and shared on a cracking forum. This kind of included three or more. 6 million unique emails, names, telephone numbers and physical addresses. Car or truck information was also open including makes, models, VIN numbers and odometer psychic readings.

The cyber-terrorist made the DriveSure data available for totally free on multiple hacking community forums, so it was freely available to any individual. The attackers left a 22GB folder which in turn contained DriveSure’s MySQL databases, revealing 91 very sensitive databases.

PII was within the dump, and damage claims, extended car details and dealer and warranty details. These were almost all prime just for exploitation by simply other menace actors.

Over 93, 000 bcrypt hashed passwords were made public. Although stronger than SHA1 and MD5, bcrypt passwords can easily still be brute-forced when downloaded from a server, Risk Based Security explained.

Using a poor password can allow an attacker of stealing your details from the web server, so it’s important to modify them immediately. In addition , the new good idea to wipe the hard drive on your hard drive before getting rid of it to stop any data from becoming accidentally or maliciously uncovered. You can do this employing a data destruction software or making a fresh installation of the main system.

Leave a Reply

Your email address will not be published. Required fields are marked *