Drivesure Car Dealership Info Breach

Companies that offer software or products to other web based often at risk of data breaches. This is true of however, largest businesses. However , small companies like car stores that depend on specialized offerings to run the business could find themselves for a greater exposure to possible hacking attacks.

One particular company, drivesure, which provides assistance for car dealerships to help them build customer loyalty, experienced a infringement that kept the information of about 3. 2 million persons available online. The attack occurred last December, and the stolen info set included names, home addresses, cell phone numbers, text messages and emails among dealers and their customers, VINs of cars and service records as well as over 93, 500 Bcrypt hashed passwords. Although bcrypt is viewed more secure than more mature methods just like MD5 and SHA1, it can still be brute forced to get an extended time period when you will discover no safeguards in place, in accordance to protection vendor Risk Based Secureness.

Hackers submitted the data source on Raidforums hacking discussion boards late last month, according to Bleeping Computer system. The content reportedly included multiple directories of information files, which include those from backend on the company’s MySQL databases that exposed 91 sensitive databases ranging from precise store and inventory information to revenue data, reports, cases and consumer data.

Leave a reply