If you’re a dealer proprietor or work in the automotive industry, chances are you’ve used a program called drivesure to help train your employees on how to attract and keep customers. Millions of customers have supplied their full names, addresses, phone numbers email addresses, car VINs, and service records to the service and it’s possible that some of those accounts were hacked. Hackers posted the information on the Raidforums forum in the last week and then offered it to the public for free.
According to Bleeping Computer, the data dump was uploaded by a threat actor vpnversed.com/board-portal-increases-performance/ known as “pompompurin”. The attacker’s motive is unknown, but he seemed not to be looking for money since the data dump was uploaded slowly and didn’t solicit any payment.
Moreover, the hacker also published the images of passports and identity documents belonging to journalists and volleyball players from all over the world in a folder marked “backup” and in a separate folder called “AccreditationPhotos.” Those photos could be used for phishing and spear phishing attempts.
Researchers searching the Internet for poorly protected databases discovered a massive database that contains information on 3.2 million DriveSure clients. The breach involves 91 MySQL database that contains extensive inventory and dealership data, revenue data, claims and reports along with PII and 93 063 encrypted bcrypt credentials.
The company claims it’s working with Microsoft to fix the problem. It’s not yet clear whether the company can issue an update for the many smaller systems that run the older version of Accellion’s FTA.