DriveSure, a corporation that helps car dealerships promote and preserve customers, got 3. two million consumer records leaked this month. Online hackers illegally attained the data and posted this to multiple hacking message boards. The data was offered for free and included names, contact information, phone numbers and emails and also vehicle VIN numbers, documents and damage claims. The data included as well information by large corporate accounts and military details.
The attackers released a 22GB folder that composed of the DriveSure MySQL directories, which open 91 delicate databases. The database get rid of was combined with PII, harm cases, expanded car information and supplier and warranty info and over 93, 500 bcrypt hashed passwords, Risk Centered Reliability stated in a writing on January 4. Although security gurus consider bcrypt more secure than SHA1 or MD5, it can still be brute-forced with sufficient computer power.
The attackers publicized the data source http://vpnversed.com/ in Raidforums late last month under the username “pompompurin. ” They will wrote a lengthy post to explain so why they were writing a comment the data, a behavior honestly, that is uncommon just for hackers. Commonly, they only share beneficial segments or trimmed straight down versions of user sources.