Car dealership supplier drivesure suffered a data breach last December that left 26GB of private info downloaded and shared on hacking discussion boards. The hackers dumped multiple databases featuring names, the address, phone numbers, electronic mails between dealers and clients and automobile details which include makes, styles, VIN quantities, documents, destruction claims and service records. Additionally , over 93, 500 bcrypt hashed accounts were also released. The passwords are cryptographically secure, but since they use bcrypt hashes (which are much better than SHA1 and MD5) attackers can still brute-force those to gain access.
The cybercriminal known as “pompompurin” published the databases in Raidforums hacking forum past due last month. The database data files contained email usernames, email addresses and passwords. The hazard actor as well provided comprehensive descriptions of the leaked databases and customer information, with respect to secureness vendor Risk Based Protection, which initial spotted the results dump.
The database of nearly three million Drivesure subscribers features personal and financial details like driver’s license browse around these guys statistics, credit card accounts and traditional bank statements. It may be used for personal information theft, scams and other illegitimate activities. The hack is another sort of how data breaches can occur when small businesses use thirdparty software. The recent favola of SolarWinds, Washington California’s auditor and Wind Lake Systems is yet another. These companies will be among those that sell application to help large organizations copy large documents. Smaller businesses also use these third-party programs to handle their inner networks and computers. Despite the best campaigns of these businesses to protect their particular customer data, they are somewhat insecure.