DriveSure is a training platform in order to car dealers to build consumer loyalty. It has millions of customers that subscribe to the training and course material. They give their labels, addresses, contact numbers and e-mail to the site.
In 12 2020, DriveSure suffered an information breach which led to 26GB of private information staying downloaded and shared on a cracking forum. This kind of included three or more. 6 mil unique email addresses, names, cell phone numbers and physical addresses. Car or truck information was also exposed including makes, models, VIN numbers and odometer blood pressure measurements.
The cyber criminals made the DriveSure data available for absolutely free on multiple hacking message boards, so it was freely accessible to anyone. The attackers dumped a 22GB folder which contained DriveSure’s MySQL databases, exposing 91 delicate databases.
PII was included in the dump, as well as damage comments, extended car details and dealer and warranty data. These were pretty much all prime designed for exploitation simply by other hazard actors.
Over 93, 000 bcrypt hashed passwords were made public. Even though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Secureness explained.
Having a poor username and password can allow an attacker to steal AI analytics important computer data from the hardware, so it’s important to change them at the earliest opportunity. In addition , a fresh good idea to wipe the hard drive on your computer system before getting rid of it to prevent any data from simply being accidentally or maliciously subjected. You can do this by using a data destruction plan or setting up a fresh installing of the main system.