NMLS #1276463 / OR License #5342

DriveSure Data Infringement

DriveSure may be a training program that helps car dealerships to build buyer loyalty. It has countless customers that subscribe to its training and course material. They give their labels, addresses, phone numbers and messages to the web page.

In December 2020, DriveSure suffered an information breach which resulted in 26GB of private information currently being downloaded and shared on a cracking forum. This included two. 6 million unique emails, names, contact numbers and physical addresses. Automobile information was also open including makes, models, VIN numbers and odometer readings.

The cyber criminals made the DriveSure data available for absolutely free on multiple hacking forums, so it was freely attainable to any individual. The attackers broke up with a 22GB folder which will contained DriveSure’s MySQL databases, disclosing 91 delicate databases.

PII was contained in the dump, as well as damage cases, extended car details and dealer and warranty info. These were almost all prime just for exploitation by other risk actors.

More than 93, 000 bcrypt hashed passwords were also made public. Although stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Secureness explained.

Developing a poor username and password can allow a great attacker of stealing important computer data from the web server, so it is very important to improve them immediately. In addition , a fresh good idea to wipe the hard drive on your desktop before disposing of it in order to avoid any data from currently being accidentally or maliciously subjected. You can do this by using a data destruction vpnversed.com/the-benefits-of-ai-based-data-software-and-how-its-different-from-traditional-one/ system or creating a fresh installation of the main system.