You may have utilized drivesure as a tool for training your staff to increase sales and retain customers when you own a car dealership or work in the auto industry. Thousands of customers have provided their full names, addresses, phone numbers and email addresses, as well as their vehicle VINs, and service records to the company and it appears that some of these accounts were stolen. Hackers posted the information on the Raidforums forum in the last week and offered it for free.
According to Bleeping Computer, the data dump was made public by a threat agent known as “pompompurin”. The motive of the attacker is not known but it appears that he wasn’t to be in search of money since the data dump was uploaded slowly over time and did not demand any money.
Moreover, the hacker also published the images of passports and identity documents belonging to journalists and volleyball players from all over the world in a folder marked “backup” and in a separate folder called “AccreditationPhotos.” These images could be used in spear phishing or phishing attacks.
Researchers looking on the Internet for databases that were not adequately secured discovered a massive database containing information about 3.2 million DriveSure clients. The breach involves 91 MySQL database that contains extensive inventory and dealership information as well as revenue data, reports and claims, as well as PII, and 93 063 encrypted credentials in bcrypt.
The company claims that it is working with Microsoft to fix the problem. But it’s not clear whether the company will be able to roll a patch for the many smaller systems that use the old version of Accellion’s FTA software.
Drivesure Data Breach
You may have utilized drivesure as a tool for training your staff to increase sales and retain customers when you own a car dealership or work in the auto industry. Thousands of customers have provided their full names, addresses, phone numbers and email addresses, as well as their vehicle VINs, and service records to the company and it appears that some of these accounts were stolen. Hackers posted the information on the Raidforums forum in the last week and offered it for free.
According to Bleeping Computer, the data dump was made public by a threat agent known as “pompompurin”. The motive of the attacker is not known but it appears that he wasn’t to be in search of money since the data dump was uploaded slowly over time and did not demand any money.
Moreover, the hacker also published the images of passports and identity documents belonging to journalists and volleyball players from all over the world in a folder marked “backup” and in a separate folder called “AccreditationPhotos.” These images could be used in spear phishing or phishing attacks.
Researchers looking on the Internet for databases that were not adequately secured discovered a massive database containing information about 3.2 million DriveSure clients. The breach involves 91 MySQL database that contains extensive inventory and dealership information as well as revenue data, reports and claims, as well as PII, and 93 063 encrypted credentials in bcrypt.
The company claims that it is working with Microsoft to fix the problem. But it’s not clear whether the company will be able to roll a patch for the many smaller systems that use the old version of Accellion’s FTA software.
http://vpnversed.com/the-benefits-of-ai-based-data-software-and-how-its-different-from-traditional-one/