Drivesure, a dealership service provider, was hit by a data breach in December of last year. As a result, 26GB of private data was downloaded and then shared via hacking forums. The stolen data set included the names, addresses and phone numbers of 3.2 million customers, as well as text and email messages between the dealers and their customers, the VINs of their vehicles and service records. More than 93,000 bcrypt password hashes have been made public. Although bcrypt hashes are considered superior to older methods such as SHA1 and MD5, they can still be brute-forced once downloaded, reports Risk Based Security.
In a long post on Raidforums, the hacker “pompompurin” described the leaked user information and files. This is unusual, because hackers usually share only the important segments or trimmed-down versions of the databases they have uncovered.
The database was leaked because of a configuration error in an AWS bucket used by the company, according to CISO Magazine. The bucket was left unsecured for months, which allowed anyone to access the database and its contents, including more than one million unique email addresses, as well as passwords stored in plaintext. The passwords were hashed using bcrypt.
Drivesure users should be concerned about the breach, since they could become victims of identity theft or fraud if their data was stolen. Those who use the site should change their passwords immediately. They should also consider changing their login credentials on other websites where they use the same credentials.