Skip links

DriveSure Data Infringement

DriveSure is known as a training program in order to car dealers to build client loyalty. It has lots of customers that subscribe to it is training and course material. They give their brands, addresses, telephone numbers and electronic mails to the site.

In January 2020, DriveSure suffered an information breach which triggered 26GB of personal information staying virtual collaboration software downloaded and distributed on a hacking forum. This included three or more. 6 , 000, 000 unique emails, names, phone numbers and physical addresses. Vehicle information was also uncovered including makes, models, VIN numbers and odometer psychic readings.

The online hackers made the DriveSure info available for cost-free on multiple hacking discussion boards, so it was freely accessible to any individual. The attackers left a 22GB folder which will contained DriveSure’s MySQL databases, revealing 91 hypersensitive databases.

PII was included in the dump, along with damage demands, extended car details and dealer and warranty data. These were pretty much all prime for the purpose of exploitation simply by other menace actors.

Above 93, 1000 bcrypt hashed passwords were also made public. Even though stronger than SHA1 and MD5, bcrypt passwords can easily still be brute-forced when downloaded from a server, Risk Based Secureness explained.

Possessing poor pass word can allow a great attacker of stealing your details from the hardware, so it’s important to transform them at the earliest opportunity. In addition , a fresh good idea to wipe the hard drive on your desktop before getting rid of it to avoid any data from becoming accidentally or maliciously open. You can do this by using a data break down program or creating a fresh installing of the os.

Join the Discussion