Metromile Data Breach: Driver License Numbers Exposed

Metromile Addresses Website Security Breach

Metromile, a car insurance startup, has announced the resolution of a security vulnerability present on its website. This flaw permitted unauthorized access to sensitive driver information.

The San Francisco-based company detailed the security incident in a recent 8-K filing submitted to the U.S. Securities and Exchange Commission.

Details of the Security Flaw

According to the filing, a defect within the website’s quote request and application procedures enabled a hacker to acquire personal data. Specifically, driver’s license numbers were compromised.

The exact mechanism by which the form facilitated this data breach, and the total number of individuals affected, remain under investigation.

Immediate action was taken by Metromile to address the issue. This included the deployment of software updates designed to eliminate the vulnerability.

Furthermore, the company’s insurance provider was notified, and standard business operations were maintained throughout the remediation process.

Ongoing Investigation and Response

Metromile is collaborating with both security specialists and legal advisors to determine the root cause of the incident.

Efforts are also focused on identifying further preventative measures and fulfilling any necessary notification requirements to impacted individuals, law enforcement agencies, and relevant regulatory authorities.

Rick Chen, a representative for Metromile, confirmed that access to driver license numbers has been verified, while emphasizing that the investigation is still in progress.

Communication and Recent Developments

Currently, the security incident has not been publicly disclosed on Metromile’s website or through its social media channels.

The company intends to directly inform those individuals whose data may have been compromised.

This news coincides with the announcement of a $50 million investment from Ryan Graves, a former executive at Uber, who will also be joining Metromile’s board of directors.

The incident occurred shortly after Metromile revealed plans to become a publicly traded company through a special purpose acquisition company (SPAC) merger, valued at $1.3 billion.