MetroMile says a website bug let a hacker obtain driver’s license numbers

MetroMile says a website bug let a hacker obtain driver’s license numbers

Car insurance coverage startup MetroMile mentioned it has mounted a safety flaw on its web site that allowed a hacker to acquire driver’s license numbers.

The San Francisco-based insurance coverage startup disclosed the safety breach in its newest 8-Okay submitting with the U.S. Securities and Exchange Commission.

MetroMile mentioned a bug within the quote type and utility course of on the corporate’s web site allowed the hacker to “get hold of private info of sure people, together with people’ driver’s license numbers.” It’s not clear precisely how the shape allowed the hacker to acquire driver’s license numbers or what number of people had their driver’s license numbers obtained.

The disclosure added: “Metromile instantly took steps to comprise and remediate the problem, together with by releasing software program fixes, notified its insurance coverage service, and has continued its ongoing operations. Metromile is working diligently with safety consultants and authorized counsel to establish how the incident occurred, determine extra containment and remediation measures, and notify affected people, regulation enforcement, and regulatory our bodies, as applicable.”

Read More:  Genflow nabs $11M investment from BGF

Rick Chen, a spokesperson for MetroMile, mentioned that the corporate has to this point confirmed that driver’s license numbers had been accessed, however that the “investigation remains to be ongoing.”

MetroMile has not disclosed the safety incident on its web site or its social channels. Chen mentioned the corporate plans to inform affected people of the incident.

News of the safety incident landed as the corporate confirmed a $50 million funding from former Uber government Ryan Graves, who will even be part of the corporate’s board. It comes simply weeks after the auto insurance coverage startup introduced it was planning to go public through a special-purpose acquisition firm — or SPAC — in a $1.three billion deal.

How to decode an information breach discover


Add comment