DriveSure Data Infringement

DriveSure is actually a training program that helps car dealers to build customer loyalty. It has an incredible number of customers that subscribe to it is training and course material. They offer their brands, addresses, cell phone numbers and emails to the web page.

In December 2020, DriveSure suffered an information breach which triggered 26GB of private information being downloaded and distributed on a hacking forum. This kind of included 4. 6 million unique email addresses, names, phone numbers and physical addresses. Car information was also revealed including makes, models, VIN numbers and odometer blood pressure measurements.

The online hackers made the DriveSure data available for free of charge on multiple hacking discussion boards, so it was freely accessible to any individual. The attackers dumped a 22GB folder which contained DriveSure’s MySQL databases, subjecting 91 very sensitive databases.

PII was as part of the dump, and damage says, extended car details and dealer and warranty info. These were most prime for exploitation simply by other menace actors.

More than 93, 000 bcrypt hashed passwords were also made public. Although stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Security explained.

Using a poor pass word can allow a great attacker to steal your details from the machine, so it is very important to alter them as quickly as possible. In addition , the new good idea to wipe hard drive on your computer before disposing of it to stop any info from simply being accidentally or maliciously uncovered. You can do this with a data damage program or creating a fresh installing of the operating-system.

My Message



My Story

Leave a Reply

Page QR Code

Build with