DriveSure Data Break
DriveSure is mostly a training platform in order to car stores to build consumer loyalty. It has millions of customers that subscribe to their training and course material. They feature their titles, addresses, cell phone numbers and electronic mails to the site.
In December 2020, DriveSure suffered an information breach which lead to 26GB of private information becoming vpnversed.com/data-rooms-comparison-for-the-best-choice/ downloaded and distributed on a hacking forum. This kind of included 3. 6 million unique emails, names, phone numbers and physical addresses. Auto information was also subjected including makes, models, VIN numbers and odometer readings.
The hackers made the DriveSure info available for free of charge on multiple hacking forums, so it was freely available to anyone. The attackers broke up with a 22GB folder which will contained DriveSure’s MySQL databases, exposing 91 sensitive databases.
PII was contained in the dump, and damage statements, extended car details and dealer and warranty facts. These were pretty much all prime designed for exploitation by simply other threat actors.
More than 93, 000 bcrypt hashed passwords were made public. Even though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Protection explained.
Working with a poor username and password can allow a great attacker of stealing important computer data from the server, so it could be important to change them immediately. In addition , a fresh good idea to wipe hard drive on your pc before getting rid of it in order to avoid any info from simply being accidentally or perhaps maliciously exposed. You can do this with a data devastation application or setting up a fresh installation of the os.