DriveSure Data Breach

Small businesses quite often outsource IT to get the skills they require for particular applications. check this For example , car dealerships work with software meant for roadside assistance that can help with customer service and sales. However, those thirdparty providers may also be vulnerable to cyberattacks.

The personal facts of thousands of drivers who sign up to a program proposed by the automobile dealership computer software company drivesure has been widely available on a hacking discussion board. On January 4th, researchers at Risk Founded Security uncovered a 22GB folder that contained multiple databases from the company on a hacking site. The databases included names, home and email addresses, telephone numbers, text and email messages between dealerships and clients, and car information which include make and model and VIN quantities. It was all ripe for fermage by cybercriminals.

The opponent likewise dumped over 93, 500 bcrypt hashed passwords in the DriveSure database. Although bcrypt is better than SHA1 and MD5, it can still be brute obligated if the passwords happen to be weak, according to Risk Based Protection.

If your info was jeopardized, contact the influenced organization and alter your security passwords. Also, consider removing extra account facts like smartphone statistics or email messages you would not use. This could reduce the quantity of PII that cyber criminals have access to. Finally, be wary of file sharing, particularly with vendors that are a component of your supply chain. The recent break of Accellion, which provides software in order to companies transfer large documents, was a good example.

Leave a Reply


captcha *