DriveSure Data Breach
DriveSure can be described as training system that helps car dealerships to build customer loyalty. It has an incredible number of customers that subscribe to the training and course material. They supply their titles, addresses, contact numbers and email messages to the web page.
In December 2020, DriveSure suffered a data breach which led to 26GB of private information being downloaded and shared on a hacking forum. This kind of included 4. 6 million unique emails, names, cell phone numbers and physical addresses. Car information was also exposed including makes, models, VIN numbers and odometer readings.
The online hackers made the DriveSure info available for absolutely free on multiple hacking community forums, so it was freely accessible to any person. The check this attackers broke up with a 22GB folder which will contained DriveSure’s MySQL databases, exposing 91 delicate databases.
PII was included in the dump, and also damage promises, extended car details and dealer and warranty data. These were every prime just for exploitation simply by other risk actors.
Above 93, 1000 bcrypt hashed passwords were made public. Even though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Protection explained.
Developing a poor pass word can allow a great attacker of stealing your data from the hardware, so it could be important to improve them at the earliest opportunity. In addition , a fresh good idea to wipe the hard drive on your pc before disposing of it in order to avoid any info from becoming accidentally or maliciously revealed. You can do this employing a data devastation software or setting up a fresh installing of the main system.