If you’re a car dealer proprietor or work in the automotive industry, chances are you’ve used a tool called drivesure to train your employees to help them sell and retain customers. Many customers have submitted their full names, addresses, phone numbers emails, addresses, vehicle VINs, and service records to the service and it’s believed that a few of those accounts were taken. Hackers posted the information on the Raidforums forum late last month and offered it for free.
The data dump was shared by a threat actor known vpnversed.com/windscribe-review/ as «pompompurin,» according to Bleeping Computer news service. The attacker’s motive is unknown however, he didn’t appear to be seeking money as he uploaded the data slowly over time and did not request any payments.
Moreover, the hacker also published the images of passports and identity documents belonging to journalists and volleyball players from all over the world in a folder marked «backup» and in a separate folder called «AccreditationPhotos.» These images could be used to phish and spear phishing attempts.
Researchers searching the Internet for databases that are not secure found a massive database containing details on 3.2 million DriveSure clients. The breach involves 91 MySQL database that contains extensive inventory and dealership data including revenue data, reports and claims, as well as PII and 93 063 encrypted credentials in bcrypt.
The company claims it is working with Microsoft to fix the issue. It’s not yet clear if Accellion will be able to get a patch for the many smaller systems that use the previous version of Accellion’s FTA software.