DriveSure is actually a training system in order to car dealers to build buyer loyalty. It has an incredible number of customers that subscribe to it is training and course material. They offer their labels, addresses, telephone numbers and email messages to the internet site.

In 12 , 2020, DriveSure suffered an information breach which triggered 26GB of personal information staying downloaded and distributed on a hacking forum. This kind of included 4. 6 , 000, 000 unique email addresses, names, telephone numbers and physical addresses. Car or truck information was also open including makes, models, VIN numbers and odometer blood pressure measurements.

The cyber-terrorist made the DriveSure data available for free of charge on multiple hacking discussion boards, so it was freely accessible to anyone. The attackers dumped a 22GB folder which in turn contained DriveSure’s MySQL check this databases, subjecting 91 hypersensitive databases.

PII was contained in the dump, as well as damage statements, extended car details and dealer and warranty data. These were each and every one prime intended for exploitation simply by other threat actors.

More than 93, 1000 bcrypt hashed passwords were also made public. Even though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Security explained.

Possessing poor username and password can allow an attacker of stealing your computer data from the machine, so it’s important to adjust them at the earliest opportunity. In addition , a fresh good idea to wipe the hard drive on your computer before disposing of it to avoid any data from becoming accidentally or perhaps maliciously exposed. You can do this through a data damage application or making a fresh installation of the operating system.