DriveSure may be a training system in order to car dealers to build consumer loyalty. It has many customers that subscribe to its training and course material. They give their brands, addresses, phone numbers and messages to the site.

In Dec 2020, DriveSure suffered a data breach which lead to 26GB of private information staying downloaded and shared on a cracking forum. This kind of included 3. 6 , 000, 000 unique emails, names, telephone numbers and physical addresses. Vehicle information was also open including makes, models, VIN numbers and odometer psychic readings.

The cyber criminals made the DriveSure data available for no cost on multiple hacking discussion boards, so it was freely attainable to anyone. The attackers dumped a 22GB folder which usually contained DriveSure’s MySQL databases, revealing 91 very sensitive databases.

PII was within the dump, as well as damage boasts, extended car details and dealer and warranty data. These were almost all prime pertaining to exploitation by other risk actors.

More than 93, 1000 bcrypt hashed passwords were made public. Though stronger than SHA1 and MD5, bcrypt passwords can still be brute-forced when downloaded from a server, Risk Based Secureness explained.

Aquiring a poor username and password can allow an attacker to steal your details from the hardware, so it could be important to modification them at the earliest opportunity. In addition , the new good idea to wipe the hard drive on your computer before getting rid of it to avoid any info from being accidentally or maliciously open. You can do this through a data devastation system or building a fresh installation of the operating system.