Drivesure Car Dealership Data Breach

Companies that offer software or perhaps products to other businesses are often susceptible to data removes. This is true of your largest firms. However , smaller sized companies just like car stores that depend on specialized companies to run their very own business may find themselves for a greater exposure to possible hacking attacks.

The type of company, drivesure, which provides support for car dealerships to help them build consumer loyalty, skilled a breach that remaining the information of approximately 3. 2 million persons available online. The attack happened last December, plus the stolen info set included names, residence addresses, phone numbers, text messages and emails between dealers and their customers, VINs of cars and documents as well as over 93, 1000 Bcrypt hashed passwords. Although bcrypt is considered more secure than more mature methods like MD5 and SHA1, it can still be brute forced for an extended time frame when there are no safe guards in place, as per to security vendor Risk Based Security.

Hackers created the database on Raidforums hacking discussion boards late last month, according to Bleeping Computer system. The content reportedly included multiple directories of data files, including those from your backend with the company’s MySQL databases that exposed 91 sensitive sources ranging from thorough car dealership and products on hand information to revenue info, reports, boasts and consumer data.