Comments (0)
Drivesure Data Breach
If you’re a dealership owner or in the automotive industry, chances are you’ve used a service called drivesure to train your employees to help them sell and retain customers. Many customers have provided their full names, address, phone numbers, emails, vehicle VINs, and service records to this service and it’s believed that some of these accounts have been stolen. Hackers made public the details on the Raidforums forum in the last week and provided it for free.
The dump of data was uploaded by a threat actor known as “pompompurin,” according to Bleeping Computer news service. The attacker’s motive is unknown however, he appeared not to be seeking money as the data was uploaded in a slow manner and didn’t solicit any payment.
Moreover, the hacker also published the images of passports and identity documents belonging to journalists and volleyball players from all over the world in a folder marked “backup” and in a separate folder called “AccreditationPhotos.” These images could be used in spear attack on phishing or other phishing.
Researchers looking on the Internet for poorly protected databases discovered a massive database with information on 3.2 million DriveSure clients. The breach includes more than 91 MySQL databases that include detailed dealership and inventory information as well as revenue data, reports and claims as well as PII and 93,063 hashed passwords in bcrypt.
The company says it’s working with Microsoft to get the flaw fixed. It’s not clear yet whether the company will be able to get an update to the numerous smaller systems which use the older version Accellion’s FTA.
Recent Posts
Recent Comments
Archives
- April 2024
- January 2024
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- September 2015
- July 2015
LEAVE A REPLY
Your email address will not be published. Required fields are marked *