Car dealerships need to be mindful of the risks of cyber-attacks on their data. Drivesure, a service provider that helps dealers build buyer devotion by leveraging data about customer visits and preferences, is not really immune to threats. Actually the company has suffered an enormous data infringement that may have affected 3. two million drivers’ personal information.
Cyber-terrorist dumped a 22GB folder of DriveSure databases over a hacking discussion board last check this month, according to experts at Risk Founded Security. The details dump included 91 MySQL databases with sensitive customer data including names, includes, phone numbers, email, vehicle VIN numbers, service records and damage claims. Likewise exposed were more than 93, 063 bcrypt hashed security passwords. Though bcrypt is considered a powerful encryption technique, account details saved in this manner are vunerable to brute induce attacks for longer periods of time.
The hackers apparently stole the data to sell this on forums or perhaps use it to create fake accounts on well-known websites. In addition, they could have tried it to access talk about agencies and small businesses that use Accellion’s computer software to transfer large data files. The company says it is analyzing the episode.