You may have used drivesure to teach your employees how to attract and keep customers if you own a car dealership or work in the automotive industry. Many customers gave their full names, addresses number, phone numbers, emails along with vehicle VINs and service records to this service and it appears some of these accounts were stolen. The hackers posted the information on the Raidforums hacking forum, and offered it for download at no cost.
According to Bleeping Computer, the data dump was uploaded online by a threat actor known as « pompompurin ». The motive of the attacker is unknown however, he appeared not to be in search of money since he uploaded the data in a slow manner and didn’t solicit any payment.
Moreover, the hacker also published the images of passports and identity documents belonging to journalists and volleyball players from all over the world in a folder marked « backup » and in a separate folder called « AccreditationPhotos. » These photos could be used in spear attacks of phishing or phishing.
Researchers searching the Internet for databases with weak security found a massive database containing information on 3.2 million DriveSure clients. The breach affects 91 MySQL database that includes detailed inventory and dealership information, revenue data, claims and reports as well as PII and 93 063 bcrypt hashed credentials.
The company says it’s working with Microsoft to get the issue fixed. It’s not yet clear whether the company can issue a patch for the many smaller systems that are using the old version of Accellion’s FTA.