After a cybercriminal illegally hack the company and dump multiple databases from the company on hacking forums personal details of millions of American car owners who signed up to a roadside assistance program that drivesure offers is now accessible online. Security vendor Risk Based Security spotted the databases on raidforums cracking forum past due last month and reported them to drivesure this week. The databases contain names, deal with cell phone numbers, electronic mails, as well as information about the vehicles of customers which include their VIN number, model and the produce. The breach also contained more than 93,000 passwords that were encrypted using bcrypt. These are typically used to safeguard data stored by an application that is secure. However, these passwords could be manipulated by brute force if a bad actor has a long time running scripts against them.
Drivesure is a company that provides services that help dealers in building customer loyalty by using data on their interactions. The Illinois-based company concentrates on retention of employees and consumer training programs, among others.
Thompson exploited a vulnerability in the configuration of cloud firewalls to bypass security measures that are in place within the company and gain access data buckets and folders. Thompson then uploaded the stolen data to GitHub and then slowly updated it while she continued her hacking spree. The question of whether she was trying to make money from the attack is unclear. In the last few weeks, other prominent targets were also targeted. This included Washington State unemployment claimants, who were impacted by a security breach that occurred in an external service that was used by an auditor, as well as employees of air charter company Solairus Aviation.