Drivesure Data Break

Despite the fact that normally invest in schooling their personnel and reliability procedures to protect data from cybercriminals, attacks still happen. These kinds of was the case with a new attack that left millions of personal details coming from a company called drivesure on hacking discussion boards.

The Illinois-based car dealership company drivesure, which in turn specializes in staff training applications and customer retention, suffered a data breach that exposed the information of approximately 3. a couple of million consumers. According to a blog post on January 4 this year by the reliability vendor Risk Based Protection, cyber-terrorist dumped multiple directories of database data files on a dark web message board. The data included names, house and cellular phone numbers, email addresses, messages between dealerships and clients, car make and model and VIN quantity, service records and damage boasts. In addition , over 93, 000 bcrypt hashed passwords were released. Though bcrypt is known as a strong security method in comparison to older methods like SHA1 and MD5, hackers can use scripts to brute-force the hashed security passwords.

The 3. 2 million data redirected here points were publicized on Raidforums by a great attacker making use of the handle “pompompurin. ” In addition to the end user database, cyber-terrorist released a 22GB record that comprised the DriveSure MySQL sources. The dump exposed 91 sensitive directories, including PII, damage demands, extended car facts and dealer and warranty info. As a result of the leak, a person with a DriveSure account should consider changing all their password immediately.