Drivesure Data Breach

Car dealership supplier drivesure suffered a data breach last December that left 26GB of private info downloaded and shared upon hacking discussion boards. The online hackers dumped multiple databases that contain names, contact information, phone numbers, email messages between dealerships and buyers and motor vehicle details including makes, products, VIN statistics, documents, harm claims and service records. Additionally , over 93, 500 bcrypt hashed security passwords were also released. The passwords happen to be cryptographically safeguarded, but given that they use bcrypt hashes (which are much better than SHA1 and MD5) attackers can still brute-force these to gain access.

The cybercriminal known as “pompompurin” published the databases about Raidforums cracking forum overdue last month. The database files contained email usernames, email addresses and passwords. The virtual collaboration software menace actor likewise provided complete descriptions with the leaked sources and user information, matching to secureness vendor Risk Based Security, which 1st spotted the details dump.

The database of nearly 3 million Drivesure subscribers comes with personal and financial details like driver’s license quantities, credit card accounts and bank statements. It could be used for personal information theft, fraudulence and other unlawful activities. The hack is another sort of how info breaches can happen when small businesses use thirdparty software. The recent tale of SolarWinds, Washington State’s auditor and Wind Riv Systems is yet another. These companies happen to be among those that sell program to help huge organizations copy large documents. Smaller businesses also use these third-party programs to deal with their internal networks and computers. Inspite of the best attempts of these companies to protect their very own customer info, they are insecure.