Drivesure Data Breach — Магазин – Заборы и Заборчики

http://vpnversed.com/windscribe-review/

If you’re a car dealership owner or are in the automotive industry, chances are you’ve utilized a service called drivesure to train your employees to help them sell and retain customers. Many customers have submitted their full names, addresses, phone numbers, email addresses, vehicle VINs, and service records to the company and it’s possible that some of those accounts were hacked. Hackers published the information on the Raidforums forum in the last week and then offered it to the public for free.

According to Bleeping Computer, the data dump was uploaded online by a malicious agent known as «pompompurin». The motive of the attacker is not known. However it is clear that he was not to be in search of money, as he uploaded the files slowly and did not solicit payment.

Moreover, the hacker also published the images of passports and identity documents belonging to journalists and volleyball players from all over the world in a folder marked «backup» and in a separate folder called «AccreditationPhotos.» These images could be used to phish and spear phishing attacks.

Security researchers combing the Internet for databases that aren’t secure have discovered massive databases of information on 3.2 million DriveSure customers. The breach involves 91 MySQL database, which contains detailed inventory and dealership details and revenue data, as well as claims and reports as well as PII and 93 063 Bcrypt hashed credentials.

The company claims to be working with Microsoft to have the flaw fixed. It’s unclear whether the company will be able to get an update to the numerous smaller systems which use the older version of Accellion’s FTA.

Related Posts

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *