DriveSure Data Breach
DriveSure, a service provider for car dealerships, suffered a data breach in December in which 26GB of personal information was downloaded and distributed on hacking forums. The breached data included the names, addresses and phone numbers of 3.2 million customers, as well as email and text messages between dealers and their clients, vehicle VINs, and service records. More than 93,000 bcrypt password hashes were made public. Although bcrypt hashes are considered stronger than older methods such as SHA1 and MD5, they can still be brute-forced once they have been downloaded, according to Risk Based Security.
The hacker “pompompurin” published the leaked user data and files in a lengthy blog post on RaidForums. This is unusual, since hackers typically share only key excerpts or reduced versions of the databases they have obtained.
According to CISO Magazine, the database was exposed because of a misconfiguration in an AWS bucket used by the company. The bucket had been left unprotected, allowing anyone to access its contents. These included over a million email addresses in plaintext and passwords hashed with bcrypt.
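The article does not say which bucket setting was wrong. As an added example (not from the article or from DriveSure), the Python check below flags the two usual ways an S3 bucket ends up readable by anyone: a bucket policy statement with a wildcard principal, and an ACL grant to the AllUsers or AuthenticatedUsers group. The function name, bucket name, account ID and sample documents are constructed; the input shapes follow the S3 GetBucketPolicy and GetBucketAcl responses.

```python
import json

# ACL group URIs that AWS defines for "everyone" and "any AWS account".
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anyone on the internet",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any AWS account",
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_wildcard_principal(principal):
    # Principal may be "*" or a mapping such as {"AWS": "*"} / {"AWS": ["*"]}.
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in _as_list(v) for v in principal.values())
    return False

def public_exposure(policy_json, acl_grants):
    """Return findings for policy statements and ACL grants that open a bucket to the public."""
    findings = []
    policy = json.loads(policy_json) if policy_json else {}
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _is_wildcard_principal(stmt.get("Principal")):
            continue
        actions = ", ".join(_as_list(stmt.get("Action", [])))
        if stmt.get("Condition"):
            # A Condition may narrow access (e.g. by source IP); needs a human look.
            findings.append(f"REVIEW policy: wildcard principal limited by Condition ({actions})")
        else:
            findings.append(f"PUBLIC policy: wildcard principal may {actions}")
    for grant in acl_grants:
        who = PUBLIC_GROUPS.get(grant.get("Grantee", {}).get("URI"))
        if who:
            findings.append(f"PUBLIC acl: {who} has {grant['Permission']}")
    return findings

# Constructed sample input (not taken from the incident).
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": ["s3:GetObject", "s3:ListBucket"],
     "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]},
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
     "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*"}]})
SAMPLE_ACL = [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"}]

if __name__ == "__main__":
    print("\n".join(public_exposure(SAMPLE_POLICY, SAMPLE_ACL)))
```

Enabling S3 Block Public Access on the account or bucket overrides both kinds of grant, so a clean result from this check complements that setting and does not replace it.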
The breach is a major concern for DriveSure users, since they could become victims of identity theft or fraud if their details are stolen. Users of the site should change their passwords as soon as possible. They should also consider changing their login details on any other sites where they use the same credentials.