Posted on Leave a comment

DriveSure Data Breach

DriveSure is mostly a training program in order to car dealerships to build consumer loyalty. It has countless customers that subscribe to it is training and course material. They offer their labels, addresses, cell phone numbers and e-mail to the web page.

In January 2020, DriveSure suffered a data breach which resulted in 26GB of private information being downloaded and shared on a cracking forum. This included 4. 6 million unique email addresses, names, cell phone numbers and physical addresses. Automobile information was also revealed including makes, models, VIN numbers and odometer psychic readings.

The cyber criminals made the DriveSure data available for free of charge on multiple hacking forums, so it was freely available to any individual. The attackers left a 22GB folder which will contained DriveSure’s MySQL databases, subjecting 91 very sensitive databases.

PII was contained in the dump, as well as damage claims, extended car details and dealer and warranty facts. These were all prime intended for exploitation by other risk actors.

More than 93, 000 bcrypt hashed passwords were made public. Though stronger than SHA1 and MD5, bcrypt passwords could be brute-forced when downloaded from a server, Risk Based Secureness explained.

Aquiring a poor pass word can allow an attacker of stealing important computer data from the web server, so is important to adjust them immediately. In addition , a fresh good idea to wipe the hard drive on your hard drive before disposing of it to avoid any info from becoming accidentally or maliciously revealed. You can do this employing a data damage system or creating a fresh installing of the operating system.

اترك تعليقاً

لن يتم نشر عنوان بريدك الإلكتروني. الحقول الإلزامية مشار إليها بـ *