Small businesses generally outsource IT to get the experience they want for specialized applications. For example , car dealerships apply software designed for roadside assistance that can help with customer service and sales. Sad to say, those third-party providers can also be vulnerable to cyberattacks.

The personal information of millions of individuals who subscribe to a program which is available from the motor vehicle dealership software program company drivesure has been publicly available on a hacking message board. On January 4th, research workers at Risk Based Security determined a 22GB folder that contained multiple databases from your company over a hacking web page. The databases included names, home and email addresses, telephone numbers, text and email messages among dealerships and clients, and car information including make and version and VIN quantities. It had been all ready for fermage by cybercriminals.

The attacker likewise dumped over 93, 1000 bcrypt hashed passwords through the DriveSure data source. Although bcrypt is better than SHA1 and MD5, it can nevertheless be brute pressured if the passwords are weak, regarding to Risk Based Protection.

If your data was compromised, contact the afflicted organization and change your passwords. Also, consider removing extra account specifics like mobile phone numbers or email messages you do not use. This could reduce the amount of PII that online hackers have access to. Finally, be wary of file sharing, especially with sellers that are an element of your supply chain. The recent breach of Accellion, which sells software that helps companies copy large data, was a very good example.