DriveSure, A Krex Brand

DriveSure suffered a major data security incident in January 2021 after the threat actor posted multiple databases originating from drivesure.com and krexinc.com.

The threat actor shared some databases on a popular English-speaking dark web hacking forum and detailed the leaked files and the user information including numerous backend files and folders.

The compromised data included 22 GB, 22 GB including the company’s MySQL databases, exposing 91 sensitive databases and another folder including 11,474 files in 105 folders and amassed to 5.93 GB.

The investigation revealed that the breached database contained 3,283,725 unique user email addresses of Illinois county that were potentially exposed in the incident.

Source: https://www.riskbasedsecurity.com/2021/02/01/personal-data-of-3-million-people-exposed-in-drivesure-hack/

"id": "DRI1885722",
"linkid": "krex-inc",
"type": "Breach",
"date": "01/2021",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"