The personal details of millions of American car owners who sign up for a side of the road assistance program provided by the company drivesure is being offered online. The cybercriminals illegally hacked the company and then dumped multiple directories on hacking forums, the security vendor Risk Based Secureness said in a blog post on January four this year. The databases included names, address, cellular phone numbers and electronic mails along with data on the customers’ vehicles which includes their generate, model and VIN number.
In addition , the hackers produced over 93 thousand bcrypt hashed security passwords public. Although bcrypt is somewhat more secure than SHA1 or MD5, it can still be brute forced in the event the passwords are weak, with respect to Risk Based Secureness. Using strong passwords and doing away with extra account details just like mobile amounts or electronic mails that you wouldn’t use decreases the amount of PII that cyber criminals have access to.
Data theft simply by companies that sell application or services to others continues to be a problem. Just this week the auditor for the state of Washington check this admitted that its employees may take their private data stolen with a hacker so, who gained access to the company’s system following purchasing a product from the company Accellion that helps organizations transfer large files.
Also, the cybersecurity company SolarWinds suffered a break of a unique systems that led to employee data theft from a large number of employees at various places across the country. Source chain hacks are a common risk for businesses that work with many other businesses to provide product or service.