After a cybercriminal hacks the company and dump multiple databases on hacking forums personal information of millions American car owners who signed up to a roadside service offered by drivesure is now available online. A security vendor researcher Risk Based Security spotted the databases on raidforums cracking forum past due last month and informed drivesure of the issue this week. The databases include names, addresses the volume of cellular phone calls and electronic mails. They also include data about customers’ vehicles, which include their make, model and VIN number along with service records and damage claims. The breach also contained 93,000 passwords encrypted with bcrypt, which are usually used to safeguard information stored by secure applications. But these hashes can still be manipulated by brute force if a bad actor spends days running scripts against them.
Drivesure is a company that provides services that helps car dealers build customer loyalty by using data about their interactions. The Illinois-based company focuses on employee training programs and customer retention, among other things.
Thompson exploited an unpatched vulnerability in the cloud firewall configuration to bypass security measures in the company, and gain access to data buckets and directories. She then uploaded the stolen data to GitHub and gradually updated it while she continued to hack. If she was attempting to make money off of her attack isn’t clear. In the past few weeks, other notable targets were also targeted. This included Washington State unemployment claimants whose claims were affected by a security breach that occurred in an external service used by an auditor as well as employees of the air charter company Solairus Aviation.