Drivesure, a service provider for car dealerships, suffered a data breach last December that led to 26GB of private data being downloaded and distributed on hacker forums. The stolen data set included the names, addresses and phone numbers of 3.2 million buyers, as well as text and email messages between customers and dealers, the VINs of their vehicles and service records. More than 93,000 bcrypt-hashed passwords were also released. Although bcrypt hashes are considered stronger than older schemes such as SHA1 or MD5, they can still be brute-forced offline once they have been downloaded, as reported by Risk Based Security.
The hacker “pompompurin” detailed the leaked files and user information in a lengthy post on Raidforums. This is unusual, as hackers typically share only the valuable portions or reduced versions of the databases they have obtained.
The database was leaked because of a misconfiguration in an AWS bucket used by the company, according to CISO Magazine. The AWS bucket was left unprotected for a period of time, and anyone was able to access the database and its contents, which included over one million unique email addresses, as well as passwords that were stored in plaintext. The passwords were hashed using bcrypt.
The breach is a major concern for those who use Drivesure, because they are more likely to become victims of identity fraud or theft once their information has been stolen. Anyone who uses the site should change their password immediately. They should also consider changing their login credentials on other websites where they use the same credentials.
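How well a bcrypt hash resists the offline brute forcing mentioned above depends on the cost factor stored inside the hash string itself. The following Python audit is an added example, not code from the article or from Drivesure: it reads the cost factor from each stored hash and lists the accounts to rehash at next login. The `MIN_COST` threshold of 12 and the sample rows are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Modular-crypt layout of a bcrypt hash: $2<variant>$<cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(r"^\$2([abxy])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$")

MIN_COST = 12  # assumed policy threshold, not a value from the article


def bcrypt_cost(stored):
    """Return the cost factor of a bcrypt hash, or None if it is not bcrypt."""
    m = BCRYPT_RE.match(stored.strip())
    if not m:
        return None
    cost = int(m.group(2))
    return cost if 4 <= cost <= 31 else None  # bcrypt only defines costs 4..31


def audit(stored_hashes, min_cost=MIN_COST):
    """Classify stored credentials and list the users to rehash on next login."""
    summary = Counter()
    rehash = []
    for user, stored in stored_hashes:
        cost = bcrypt_cost(stored)
        if cost is None:
            summary["not_bcrypt"] += 1   # plaintext or an older digest format
            rehash.append(user)
        elif cost < min_cost:
            summary["weak_cost"] += 1    # bcrypt, but too cheap to guess against
            rehash.append(user)
        else:
            summary["ok"] += 1
    return dict(summary), rehash


def relative_work(cost, baseline=MIN_COST):
    """bcrypt runs 2**cost key-setup rounds, so each cost step doubles the work per guess."""
    return 2.0 ** (cost - baseline)


# Constructed sample rows: the salt/digest characters are filler, not real hashes.
SAMPLE = [
    ("alice", "$2b$12$" + "A" * 53),
    ("bob", "$2a$08$" + "B" * 53),
    ("carol", "0123456789abcdef" * 2),   # 32 hex characters, shaped like an MD5 digest
    ("dave", "$2y$14$" + "C" * 53),
]

if __name__ == "__main__":
    print(audit(SAMPLE))       # summary counts and the users needing a rehash
    print(relative_work(8))    # per-guess work at cost 8 relative to cost 12
```

A cost-8 hash takes one sixteenth of the work per guess of a cost-12 hash, which is why low-cost bcrypt hashes in a leaked database fall first.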