Drivesure, a provider of car dealership services, was the victim of a data breach in December that resulted in 26GB of personal information being downloaded and shared on forums for hackers. The data hacked contained names, addresses, and phone numbers of 3.2 million customers as well as messages sent via email and text messages between the clients of traders, vehicle VINs, and service records. Also, more than 93 000 hashed passwords for bcrypt were made public. While bcrypt hashes are considered stronger than older strategies such as SHA1 and MD5, they can still be used to brute force after downloading, according to Risk Based Security.
In a lengthy blog post on Raidforums, hacker “pompompurin” explained the leaked user information and files. This is unusual as hackers typically only share valuable sections or reduced versions of the databases they’ve discovered.
According to CISO Magazine, the database was exposed due to a misconfiguration in an AWS bucket that was being used by the company. The AWS bucket was not secured for months and anyone was able to access the file and its contents, including more than one million unique email addresses, as well as passwords stored in plaintext and encrypted using the bcrypt.
Users of Drivesure should be concerned about the breach, as they could be a victim of fraud or identity theft if their information is stolen. Anyone who uses the site must change their passwords as soon as possible. They should also consider changing their login credentials on other websites using the same credentials.