If you’re a dealer owner or are in the automotive industry, it’s likely you’ve utilized a service called drivesure to train your employees on how to attract and keep customers. Many customers have submitted their full names, addresses, phone numbers and email addresses, as well as their vehicle VINs, and service records to the service and it’s believed that a few of these accounts were stolen. Hackers released the information on the Raidforums forum late last month and made it available for free.
According to Bleeping Computer, the data dump was posted online by a threat agent dubbed as “pompompurin”. The motive of the attacker is unknown however, he appeared not to be seeking money as he uploaded the data in a slow manner and didn’t demand any money.
Moreover, the hacker also published the images of passports and identity documents belonging to journalists and volleyball players from all over the world in a folder marked “backup” and in a separate folder called “AccreditationPhotos.” The photos could be used for phishing and spear phishing attacks.
Security researchers searching the Internet for databases that aren’t secure have discovered a massive database of information on 3.2 million DriveSure customers. The breach involves 91 MySQL database that contains extensive inventory and dealership data as well as revenue data, reports and claims along with PII and 93 063 Bcrypt hashed credentials.
The company claims it is working with Microsoft to correct the flaw. It’s not known if the company can get a patch to the many smaller systems that use the earlier version of Accellion’s FTA.