If you’re a dealership owner or work in the automotive industry, it’s likely you’ve used a service called drivesure to train your employees to market and keep customers. Millions of customers have provided their full names, addresses, telephone numbers email addresses, car VINs, and service records to the service and it’s been reported that some of these accounts were stolen. Last month, hackers published that information on the Raidforums hacking forum and offered the data for download for free.
The dump of data was uploaded by a threat-maker known as “pompompurin,” according to Bleeping Computer news service. The attacker’s motivation is unknown. However the attacker did not appear to be seeking money since he uploaded the files slowly and did not ask for payment.
Moreover, the hacker also published the images of passports and identity documents belonging to journalists and volleyball players from all over the world in a folder marked “backup” and in a separate folder called “AccreditationPhotos.” These photos could be used to phish and spear phishing attacks.
Security researchers combing the Internet for databases that are not secure have uncovered an enormous database of data on 3.2 million DriveSure customers. The breach involves 91 MySQL database that includes detailed inventory and dealership information as well as revenue data, claims and check this reports, as well as PII and 93 063 Bcrypt hashed credentials.
The company claims that it is working with Microsoft to correct the flaw. It’s not known if the company can get a patch to the many smaller systems that use the older version of Accellion’s FTA.