DriveSure Data Break

08 Mar DriveSure Data Break

DriveSure can be described as training system that helps car dealerships to build client loyalty. It has many customers that subscribe to it is training and course material. They give their brands, addresses, contact numbers and messages to the site.

In Dec 2020, DriveSure suffered an information breach which triggered 26GB of personal information getting downloaded and shared on a hacking forum. This included 3 or more. 6 million unique email addresses, names, phone numbers and physical addresses. Car information was also subjected including makes, models, VIN numbers and odometer psychic readings.

The cyber-terrorist made the DriveSure data available for no cost on multiple hacking discussion boards, so it was freely available to anyone. The attackers broke up with a 22GB folder which contained DriveSure’s MySQL databases, revealing 91 sensitive databases.

PII was contained in the dump, as well as damage remarks, extended car details and dealer and warranty information. These were most prime designed for exploitation by simply other danger actors.

Above 93, 1000 bcrypt hashed passwords were made public. Although stronger than SHA1 and MD5, bcrypt passwords could be brute-forced when downloaded from a server, Risk Based Security explained.

Aquiring a poor pass word can allow a great attacker to steal your computer data from the hardware, so is considered important to modify them as quickly as possible. In addition , it’s a good idea to wipe hard drive on your desktop before getting rid of it to stop any info from currently being accidentally or maliciously open. You can do this through a data damage Click Here program or setting up a fresh installation of the os.