DriveSure Data Breach

DriveSure is a training system that helps car dealers to build customer loyalty. It has numerous customers that subscribe to it is training and course material. They offer their titles, addresses, phone numbers and e-mail to the internet site.

In Dec 2020, DriveSure suffered a data breach drivesure data breach which ended in 26GB of personal information getting downloaded and shared on a cracking forum. This kind of included 3. 6 mil unique emails, names, phone numbers and physical addresses. Car or truck information was also open including makes, models, VIN numbers and odometer readings.

The hackers made the DriveSure info available for totally free on multiple hacking community forums, so it was freely available to any individual. The attackers dumped a 22GB folder which in turn contained DriveSure’s MySQL databases, exposing 91 very sensitive databases.

PII was contained in the dump, as well as damage promises, extended car details and dealer and warranty info. These were almost all prime with respect to exploitation simply by other risk actors.

More than 93, 000 bcrypt hashed passwords were made public. Although stronger than SHA1 and MD5, bcrypt passwords could be brute-forced when downloaded from a server, Risk Based Security explained.

Creating a poor pass word can allow a great attacker of stealing your data from the server, so it may be important to modification them as quickly as possible. In addition , a fresh good idea to wipe the hard drive on your computer system before disposing of it to prevent any info from being accidentally or maliciously exposed. You can do this by using a data devastation method or making a fresh installing of the operating-system.