DriveSure is known as a training system in order to car dealerships to build client loyalty. It has countless customers that subscribe to the training and course material. They provide their labels, addresses, cell phone numbers and email messages to the site.

In January 2020, DriveSure suffered an information breach which triggered 26GB of personal information staying downloaded and distributed on a hacking forum. This included two. 6 mil unique emails, names, cell phone numbers and physical addresses. Motor vehicle information was also open including makes, models, VIN numbers and odometer blood pressure measurements.

The hackers made the DriveSure data available for cost-free on multiple hacking discussion boards, so it was freely attainable to anyone. The attackers broke up with a 22GB folder which usually contained DriveSure’s MySQL databases, revealing 91 sensitive databases.

PII was within the dump, along with damage demands, extended car details and dealer and warranty information. These were each and every one prime with respect to exploitation by simply other hazard actors.

Above 93, 000 bcrypt hashed passwords were also made public. Even though stronger than SHA1 and MD5, bcrypt passwords could be brute-forced when downloaded from a server, Risk Based Security explained.

Aquiring a poor security password can allow a great attacker to steal important computer data from the hardware, so it’s important to improve them as quickly as possible. In addition , the new good idea to wipe the hard drive on your pc before disposing of it to avoid any data from becoming accidentally or maliciously revealed. You can do this simply using a data destruction method or setting up a fresh installation of the main system.