Drivesure Car Dealership Info Breach

Companies offering software or products to other companies are often vunerable to data removes. This is true of your largest firms. However , scaled-down companies like car dealerships that depend on specialized providers to run their business could find themselves by a greater exposure to possible hacking attacks.

The sort of company, drivesure, which provides services for car dealerships to help these groups build consumer loyalty, experienced a breach that left the information of about 3. 2 million persons available online. The attack occurred last December, plus the stolen info set included names, home addresses, contact numbers, text messages and emails between dealers and their customers, VINs of cars and documents as well as more than 93, 500 Bcrypt hashed passwords. Though bcrypt is viewed safer than older methods just like MD5 and SHA1, it can still be incredible forced designed for an extended period of time when there are no safe guards in place, according to protection vendor Risk Based Protection.

Hackers released the database on Raidforums hacking forums late a month ago, according to Bleeping Pc. The post reportedly included multiple directories of data files, which include those from your backend belonging to the company’s MySQL databases that exposed 91 sensitive directories ranging from in depth data room software comparison dealership and inventory information to revenue data, reports, comments and consumer data.