DriveSure is a training platform that helps car stores to build consumer loyalty. It has countless customers that subscribe to the training and course material. They give their labels, addresses, cell phone numbers and e-mails to the site.
In January 2020, DriveSure suffered an information breach is Windscribe safe which resulted in 26GB of private information becoming downloaded and shared on a cracking forum. This included 2. 6 million unique email addresses, names, cell phone numbers and physical addresses. Car information was also revealed including makes, models, VIN numbers and odometer blood pressure measurements.
The cyber-terrorist made the DriveSure data available for absolutely free on multiple hacking community forums, so it was freely available to any person. The attackers left a 22GB folder which contained DriveSure’s MySQL databases, exposing 91 hypersensitive databases.
PII was within the dump, as well as damage claims, extended car details and dealer and warranty info. These were all prime intended for exploitation by simply other danger actors.
More than 93, 500 bcrypt hashed passwords were made public. Though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Reliability explained.
Using a poor pass word can allow a great attacker of stealing your computer data from the web server, so it could be important to transform them at the earliest opportunity. In addition , a fresh good idea to wipe the hard drive on your computer system before disposing of it to avoid any data from simply being accidentally or maliciously uncovered. You can do this with a data devastation program or making a fresh installation of the operating system.
