DriveSure can be described as training platform that helps car dealers to build buyer loyalty. It has countless customers that subscribe to the training and course material. They give their labels, addresses, contact numbers and emails to the web page.

In 12 , 2020, DriveSure suffered a data breach which triggered 26GB of personal information getting downloaded and distributed on a cracking forum. This included 3. 6 , 000, 000 unique email addresses, names, contact numbers and physical addresses. Car information was also open including makes, models, VIN numbers and odometer psychic readings.

The hackers made the DriveSure info available for absolutely free on multiple hacking forums, so it was freely available to any individual. The attackers left a 22GB folder which will contained DriveSure’s MySQL databases, exposing 91 sensitive databases.

PII was within the dump, and damage claims, extended car details and dealer and warranty info. These were most prime with respect to exploitation simply by other threat actors.

Above 93, 500 bcrypt hashed passwords were also made public. Though stronger than SHA1 and MD5, bcrypt passwords could be brute-forced when downloaded from a server, Risk Based Security explained.

Possessing a poor pass word can allow a great attacker of stealing your details from the web server, so it could be important to transform them as quickly as possible. In addition , it’s a good idea to wipe the hard drive on your pc before disposing of it in order to avoid any data from being accidentally or maliciously uncovered. You can do this with a data break down software or setting up a fresh installation of the operating system.