Copart Auction Site - HACKED

Kinja'd!!! "maristgrad" (maristgrad)
06/02/2015 at 00:37 • Filed to: Hacks, Copart, Cybercrime, Auctions

Kinja'd!!!1 Kinja'd!!! 4
Kinja'd!!!

I just received this letter from Copart auto auctions stating they were hacked on March 31st 2015. If you’re unfamiliar with Copart, they’re the largest online car auction site in the world with car lots in almost every US metro and in many countries globally. If you need a good deal on a used, salvage or parts car, this is the place to go. ( !!!error: Indecipherable SUB-paragraph formatting!!! ).

What’s concerning is, besides having the names, addresses, email and phone numbers of all their members, they also have color photo copies of member drivers licenses/passport identification attached to corresponding accounts. Copart keeps credit card information for most members as I’ve paid online for a car with shipping and it kept the method of payment on file however the letter does state the information wasn’t included with the breach, this leads me to believe the breach was more far reaching than they’re letting on. Do you guys think hackers can use the drivers license information maliciously?


DISCUSSION (4)


Kinja'd!!! pip bip - choose Corrour > maristgrad
06/02/2015 at 04:00

Kinja'd!!!0

honestly Khalid shit happens , happened to eBay last year.


Kinja'd!!! spanfucker retire bitch > maristgrad
06/02/2015 at 07:23

Kinja'd!!!0

Wait, they sent you a letter to warn of a data breach? Not an e-mail?

You better hope that they have driver licenses/passports fully encrypted and on a totally separate server. Also, I hope you used a unique password for their website and not the same one that you use on dozens of other sites.


Kinja'd!!! maristgrad > spanfucker retire bitch
06/02/2015 at 10:28

Kinja'd!!!0

Fuck I didn’t think of that, luckily they provide unique passwords when you open an account but I’m changing all my passwords anyway


Kinja'd!!! spanfucker retire bitch > maristgrad
06/02/2015 at 10:35

Kinja'd!!!0

If you don’t already have one, I suggest you take up using a password manager. It provides a real ease of mind when you get a notice about a password breach and realize you don’t have to go around 20+ websites, changing your one single password.

Been there, done that. Don’t ever plan on doing it again.