Car dealership vendor drivesure experienced a data breach last 12 that ended in 26GB of personal information getting downloaded and shared in hacking message boards, according to security vendor Risk Primarily based Security. The hacked info set virtual collaboration software included labels, addresses and phone numbers of more than 3. two million customers as well as textual content and email messages between dealers and their consumers. Other information included vehicle VINs, service records and damage claims. Additionally , the hackers unveiled more than 93, 000 bcrypt hashed security passwords that were revealed in the break. While bcrypt is considered stronger than older methods like SHA1 and MD5, the hashes can still always be brute-forced to find access.

Drivesure is a platform that helps car dealerships build client customer loyalty by leveraging data regarding all their trips and choices, Risk Based Security said. Among other things, the company supplies customer-facing services such simply because roadside assistance programs and training for revenue employees.

The business was hit by a source chain panic in which a product from software program vendor Accellion was jeopardized. Accellion advised the Detroit Times it absolutely was working to replace the old variety of it is file transfer software which has a newer one particular. Unfortunately, it appears the auditor for the state of Washington was using the older version belonging to the computer software at the time of the breach.

The business was hacked by the same threat acting professional that had SolarWinds as well as the U. Beds. State Section in a recent spate of goes for. Other companies that sell software or perhaps provide expertise to additional businesses are also getting strike by assailants.

Drivesure Suffers Drivesure Data Breach