You might have used drivesure as a tool to teach your employees how to sell and retain clients when you own a car dealership or work in the automotive industry. Many customers have provided their full names, addresses number, phone numbers, emails along with vehicle VINs and service records to this service, and it’s been reported that some of these accounts were hacked. Hackers posted the information on the Raidforums forum in the last week and then offered it to the public for free.
The data dump was posted by a threat actor known as “pompompurin,” according to Bleeping Computer news service. The attacker’s motive is unknown, but he seemed not to be in search of money since he uploaded the data slowly and didn’t solicit any payment.
Moreover, the hacker also published the images of passports and identity documents belonging to journalists and volleyball players from all over the world in a folder marked “backup” and in a separate folder called “AccreditationPhotos.” Those photos could be used to perpetrate phishing and spear phishing attacks.
Researchers searching the Internet for databases that are not secure found a massive database containing information on 3.2 million DriveSure clients. The breach involves the theft of 91 MySQL databases that contain extensive inventory and dealership information including revenue data, reports and claims as well as PII and 93,063 bcrypt hashed passwords.
The company claims to be working with Microsoft to get the flaw fixed. It’s not clear yet if the company can get a patch for the many smaller systems that use the older version Accellion’s FTA.