DriveSure, an organization that helps car dealerships offer and save customers, experienced 3. two million client records leaked this month. Hackers illegally attained the data and posted that to multiple hacking message boards. The data was offered totally free and included names, contact information, phone numbers and emails along with vehicle VIN numbers, service records and damage demands. The data also included information from large company accounts and military the address.

The assailants released a 22GB folder that comprised of the DriveSure MySQL databases, which exposed 91 delicate databases. The database dump was combined with PII, destruction cases, extended car particulars and seller and warranty info and over 93, 500 bcrypt hashed account details, Risk Based Reliability explained in a writing on January 4. When security pros consider bcrypt more secure than SHA1 or MD5, it can nevertheless be brute-forced with sufficient processing power.

The attackers published the databases in Raidforums late last month underneath the username “pompompurin. ” They will wrote a lengthy content to explain so why they were submitting the data, a behavior honestly, that is uncommon for hackers. Commonly, they just share useful segments or trimmed straight down versions of user databases.

Laisser un commentaire