Drivesure, a dealership service provider, experienced an attack on its database in December last year. As a result, 26GB of personal data was downloaded and then shared via hacking forums. The breached data included the names, addresses, and phone numbers of 3.2 million buyers, as well as email and text messages between clients and traders, the VINs of their vehicles, and service records. More than 93,000 bcrypt-hashed passwords were made public. Although bcrypt hashes are considered superior to older methods such as SHA1 and MD5, they can still be brute-forced offline once downloaded, reports Risk Based Security.
In a long post on Raidforums, the hacker "pompompurin" detailed the leak of user information and files. This is unusual, since hackers usually share only valuable segments or trimmed-down versions of the databases they have uncovered.
According to CISO Magazine, the database was accessed because of a misconfiguration in an AWS bucket used by the company. The bucket was left unprotected for months, allowing anyone to access the database and its contents, including over one million unique email addresses and passwords that were stored in plaintext and hashed using bcrypt.
Drivesure users should be concerned about the breach, as they may become victims of identity theft or fraud now that their personal information has been stolen. Users of the site are advised to change their passwords as soon as they can. They should also consider changing their login credentials on other websites where they use the same credentials.