DriveSure may be a training system that helps car dealerships to build buyer loyalty. It has scores of customers that subscribe to the training and course material. They give their labels, addresses, telephone numbers and emails to the internet site.
In 12 2020, DriveSure suffered an information breach board portal software which resulted in 26GB of personal information becoming downloaded and shared on a hacking forum. This included a few. 6 mil unique emails, names, contact numbers and physical addresses. Automobile information was also exposed including makes, models, VIN numbers and odometer psychic readings.
The hackers made the DriveSure info available for no cost on multiple hacking discussion boards, so it was freely accessible to any person. The attackers broke up with a 22GB folder which in turn contained DriveSure’s MySQL databases, subjecting 91 sensitive databases.
PII was included in the dump, as well as damage demands, extended car details and dealer and warranty details. These were all of the prime for the purpose of exploitation by other threat actors.
Over 93, 1000 bcrypt hashed passwords were made public. Even though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Secureness explained.
Using a poor security password can allow a great attacker of stealing your data from the web server, so is important to change them immediately. In addition , a fresh good idea to wipe the hard drive on your desktop before getting rid of it to prevent any info from getting accidentally or maliciously uncovered. You can do this with a data break down program or creating a fresh installation of the os.