Exploit: Hacking
DriveSure: Customer Retention Platform
Risk to Business: 2.211 = Severe Hackers dropped data on 3.2 million DriveSure users on the Raidforums hacking boards late in January. One leaked folder totaled 22 gigabytes and included the company’s MySQL databases, exposing 91 sensitive databases. The databases range from detailed dealership and inventory information, revenue data, reports, claims and client data. A second compromised folder contained 11,474 files in 105 folders and totals 5.93 GB, likely a repository of backup data.
Risk to Business: 2.325 = Severe The information exposed included names, addresses, phone numbers, email addresses, IP addresses, car makes and models, VIN numbers, car service records and dealership records, damage claims and 93,063 bcrypt hashed passwords.
Customers Impacted: 3.2 million
How it Could Affect Your Customers’ Business: Data isn’t always stolen via ransomware – sometimes it’s just old-fashioned hacking. That’s one reason why it’s essential to use a secure identity and access management solution to keep hackers locked out.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
