Drivesure, a car dealership service provider, was the victim of a data breach in December last year. The result was that 26GB of private information was downloaded and distributed via hacking forums. The stolen data set contained names of addresses, phone numbers and addresses of 3.2 million customers as well as text messages and emails between customers and traders, vehicle VINs and service records. Also, more than 93 000 hashed bcrypt passwords were released. Although bcrypt hashes are deemed stronger than older strategies such as SHA1 and MD5 but they are able to be brute forced after downloading, as per Risk Based Security.
In a long post on Raidforums, hacker « pompompurin » provided details of the leaked user information and files. This is unusual because hackers typically share only important parts or cut-down versions of databases they have found.
The database was exposed as a result of a configuration issue in an AWS bucket used by the company, according to CISO Magazine. The AWS bucket was left unprotected for several months, which allowed anyone to access the file and its contents, including over a million unique email addresses and passwords that were stored in plaintext and secured using bcrypt.
Drivesure users should be concerned about the breach, since they could be victims of identity theft or fraud if their data is stolen. Users of the site are advised to change their passwords as soon as possible. Also, they should think about changing their login credentials on other websites using the same credentials.
Laisser un commentaire