Drivesure Data Breach

Despite the fact that normally invest in teaching their personnel and reliability check this measures to protect data from cybercriminals, attacks even now happen. This kind of was the case with a new attack that remaining millions of personal details from a company referred to as drivesure in hacking message boards.

The Illinois-based car dealership provider drivesure, which usually specializes in worker training courses and client retention, endured a data break that subjected the information of approximately 3. 2 million clients. According to a blog post on January 4 this year by the secureness vendor Risk Based Protection, cyber criminals dumped multiple directories of database data files on a darker web discussion board. The data included names, house and cellular phone numbers, email addresses, messages between dealerships and clients, motor vehicle make and model and VIN number, service records and damage cases. In addition , over 93, 000 bcrypt hashed passwords were released. Though bcrypt is known as a strong encryption method when compared with older methods like SHA1 and MD5, hackers can use scripts to brute-force the hashed passwords.

The 3. 2 million info things were posted on Raidforums by an attacker using the handle “pompompurin. ” In addition to the customer database, cyber-terrorist released a 22GB file that included the DriveSure MySQL databases. The drop exposed 91 sensitive sources, including PII, damage requirements, extended car facts and dealer and warranty data. As a result of the leak, a person with a DriveSure account must look into changing all their password right away.