Skip to main content

Drivesure Data Infringement

By agosto 14, 2023agosto 15th, 2023Uncategorized

Car dealership vendor drivesure suffered a data breach last December that left 26GB of private facts downloaded and shared on hacking forums. The hackers dumped multiple databases featuring names, includes, phone numbers, electronic mails between stores and clients and car or truck details which includes makes, models, VIN numbers, documents, destruction claims and service records. Additionally , over 93, 500 bcrypt hashed security passwords were also released. The passwords are cryptographically protected, but since they use bcrypt hashes (which are better than SHA1 and MD5) attackers can easily still brute-force those to gain access.

The cybercriminal known as «pompompurin» published the databases in Raidforums cracking forum later last month. The database data contained usernames, email addresses and passwords. The risk actor also provided precise descriptions in the leaked sources and customer information, in respect to protection vendor Risk Based Reliability, which first spotted the data dump.

The database of nearly three million Drivesure subscribers includes personal and financial facts like license numbers, credit card accounts and bank statements. It can be used for personality theft, fraud and other unlawful activities. The hack is another example of how data breaches can happen when smaller businesses use third-party software. The recent saga of SolarWinds, Washington California’s auditor and Wind Lake Systems is another. These companies will be among those that sell computer software to help huge organizations copy large documents. Smaller businesses also use these thirdparty programs to deal with their inner networks and computers. In spite of the best campaigns of these corporations to protect their particular customer data, they are weak.


Author Jameson

More posts by Jameson

Leave a Reply