DriveSure, a car dealership service provider, was the victim of a data breach in December of last year. As a result, 26GB of private data was downloaded and then shared via hacking forums. The hacked data set included the names, addresses and phone numbers of 3.2 million customers, as well as text messages and emails between dealers and their customers, vehicle VINs and service records. More than 93,000 bcrypt-hashed passwords were also made public. Although bcrypt is regarded as stronger than older schemes like MD5 and SHA1, the hashes can still be brute-forced after they are downloaded, Risk Based Security reports.
The hacker "pompompurin" revealed the leak of user data and files in a lengthy blog post on Raidforums. This is atypical, since hackers typically share only valuable segments or trimmed-down versions of the databases they've discovered.
According to CISO Magazine, the database was exposed due to a misconfiguration in an AWS bucket that was used by the company. The AWS bucket had been left unprotected, which allowed anyone to gain access to it and its contents. This included more than a million email addresses in plaintext, as well as passwords hashed with bcrypt.
The breach is a major concern for those who use DriveSure, as they could become victims of identity theft or fraud in the event that their personal information is stolen. Those who use the site should change their passwords immediately. Additionally, they should consider changing their login credentials on any other websites where they use the same credentials.