Small businesses quite often outsource THIS to get the knowledge they want for professional applications. For example , car dealerships employ software designed for roadside assistance that can help with customer service and sales. Sad to say, those third-party providers can even be vulnerable to cyberattacks.

The personal information of thousands of motorists who subscribe to a program made available from the automotive dealership computer software company drivesure has been openly available on a hacking forum. On January 4th, analysts at Risk Structured Security observed a 22GB folder that contained multiple databases from the company on the hacking web page. The databases included brands, home and email addresses, telephone numbers, text and email messages between dealerships and clients, and car information which includes make and version and VIN quantities. It was all ripe for exploitation by cybercriminals.

The attacker as well dumped over 93, 000 bcrypt hashed passwords from the DriveSure database. Although bcrypt is stronger than SHA1 and MD5, it can nevertheless be brute forced if the passwords happen to be weak, with respect to Risk Based Secureness.

If your data was sacrificed, contact the affected organization and change your accounts. Also, consider removing extra account particulars like phone quantities or messages you don’t use. This could reduce the amount of PII that hackers have access to. Finally, be wary of file sharing, especially with sellers that are an integral part of your supply chain. The recent infringement of Accellion, which markets software that helps companies transfer large data, was a good example.