Personal details of millions of American car owners who signed up to a roadside assistance program provided by Drivesure are available online after a cybercriminal hacked the company and then dumped numerous databases of the firm on hacking forums. A researcher from the security vendor Risk Based Security discovered the RaidForums databases on cracking forums that were due to expire in March and informed Drivesure of the issue this week. The databases contain names, addresses, cell phone numbers and email addresses. They also include information about customers' vehicles, including their model, production and VIN, along with service records and damage claims. The breach also included over 93,000 passwords that were hashed using bcrypt. Such hashes are typically used to safeguard data stored by a secure application. These passwords are vulnerable to brute force if an attacker runs scripts against them for hours.
Drivesure is a service provider that helps car dealerships build customer loyalty by leveraging information about their interactions with customers. The Illinois-based company focuses on employee training programs and customer retention, among other things.
Thompson exploited an unpatched flaw in the cloud firewall configuration to bypass the company's security measures and gain access to directories and data buckets. Thompson then uploaded the stolen data to GitHub and gradually updated it while she continued to hack. Whether she was trying to earn money from her attack is unclear. Other prominent targets have been hit over the past few weeks, including unemployment claimants from Washington state, who were caught up in a security breach involving an external software application that was used by the auditor, and employees of air charter company Solairus Aviation.