After a cybercriminal hacked the company, and then dump multiple databases onto hacking forums, the personal data of millions of American motorists who signed up to a roadside assistance program provided by drivesure is accessible online. A security researcher from the vendor Risk Based Security discovered the databases on raidforums cracking forums past due last month, and reported them to Drivesure this week. The databases include names, deals with, cellular phone volumes and electronic mails as well as information on cars of customers which includes their make, model and VIN numbers, along with service records and damage claims. The breach also included 93,000 bcrypt passwords, which are typically used to protect the data stored by secure applications. But these passwords can be forced through brute force if malicious actor is spending a lot of time running scripts against them.
Drivesure is a company that helps car dealerships increase loyalty among customers by leveraging data about their interactions with customers. The Illinois-based company focuses on employee retention and customer training programs, among others.
Thompson exploited a flaw that was unpatched in the cloud firewall configuration to bypass security measures within the company, and gain access to data buckets and directories. Thompson then uploaded her stolen data on GitHub and gradually changed the information as she continued to hack. The question of whether she was trying to make money from her attack is unclear. In the past few weeks, other high-profile targets were also targeted. They included Washington State unemployment claimants, who were impacted by a breach of a third-party service utilized by an auditor and employees of air charter company Solairus Aviation.