Drivesure Data Breach Revealed

Share

Share on facebook
Share on linkedin
Share on whatsapp
Share on pinterest

The personal data of millions of American car owners who have signed up to a roadside assistance program offered by the company drivesure is available online after a cybercriminal illegally hacked the firm and dumped a variety of sources of its databases on hacking forums. A security researcher from the vendor Risk Based Security discovered the vpnversed.com/ databases on raidforums cracking forums past due last month and informed Drivesure of the issue this week. The databases contain names, addresses mobile phone numbers, electronic mails, as well as information on the vehicle of customers including their model, VIN number and the produce. The breach also contained 93,000 bcrypt passwords that are usually used to safeguard information stored by secure software. These passwords are still brute forceable if an attacker is able to run scripts for days on them.

Drivesure is a provider of services that helps car dealerships increase customer loyalty by leveraging information about their interactions with customers. The company is based in Illinois and focuses on employee retention as well as consumer training programs, among other things.

Thompson exploited a vulnerability that was not patched in the cloud firewall configuration in order to bypass security measures at the company and gain access to directories and data buckets. Thompson then uploaded her stolen data onto GitHub and then gradually changed the information as she continued to hack. It is unclear if she intended to earn money from the hack. In the last few weeks, several other prominent targets were also targeted. They included Washington State unemployment claimants whose claims were affected by a security breach that occurred in an external service that was used by an auditor, as well as employees of air charter company Solairus Aviation.

Share

Share on facebook
Share on twitter
Share on linkedin
Share on google
Share on whatsapp
Share on pinterest

Leave a Comment