DriveSure Data Breach

DriveSure is a training platform that helps car stores to build customer loyalty. It has a lot of customers that subscribe to the training and course material. They give their names, addresses, contact numbers and emails to the site.

In 12 , 2020, DriveSure suffered an information breach which resulted in 26GB of private information currently being downloaded and shared on a hacking forum. This included a few. 6 mil unique emails, names, contact numbers and physical addresses. Vehicle information was also revealed including makes, models, VIN numbers and odometer psychic readings.

The hackers made the DriveSure data available for free on multiple hacking discussion boards, so it was freely attainable to any individual. The attackers left a 22GB folder which contained DriveSure’s MySQL databases, revealing 91 delicate databases.

PII was as part of the dump, along with damage demands, extended car details and dealer and warranty information. These were most prime pertaining to exploitation by simply other risk actors.

Above 93, 500 bcrypt hashed passwords were also made public. Though stronger than SHA1 and MD5, bcrypt passwords can easily still be brute-forced when downloaded from a server, Risk Based Protection explained.

Having a poor security password can allow a great attacker of stealing your computer data from the hardware, so it is important to change them as quickly as possible. In addition , the new good idea to wipe the hard drive on your desktop before getting rid of it to prevent any info from becoming accidentally or perhaps maliciously exposed. You can do this simply using a data break down software or creating a fresh installation of the operating-system.