Cyber Incident Victim: TietoEVRY
Date: Feb 2021
Location: United States of America
Summary
A cybersecurity incident impacted an insurance startup when a website vulnerability in its quote form and application process allowed unauthorized access to driver's license numbers. The company promptly contained the issue by deploying software fixes, notified its insurance carrier, and engaged security experts and legal counsel to investigate the breach. While the investigation remains ongoing, the firm confirmed driver's license data was compromised and intends to notify affected individuals, law enforcement, and regulators as required. The incident coincided with significant corporate developments, including a major investment and plans to go public.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
A cyber incident occurred at Metromile, a car insurance startup, where a hacker obtained driver's license numbers through a bug in the company's website quote form and application process. The incident highlights the importance of securing sensitive customer data and ensuring the integrity of online applications. The company took steps to contain and remediate the issue, notifying affected individuals, law enforcement, and regulatory bodies.

The bug in the website's quote form and application process allowed the hacker to access sensitive customer information, including driver's license numbers. The exact nature of the bug and how the hacker exploited it are not publicly known. However, it is clear that the vulnerability was present in the website's application process, allowing the hacker to gain unauthorized access to customer data.
Metromile took immediate action to contain and remediate the issue. The company released software fixes to patch the vulnerability and prevent further unauthorized access to customer data. Additionally, Metromile notified its insurance carrier and continued its ongoing operations. The company also worked with security experts and legal counsel to investigate the incident and identify additional containment and remediation measures.
The incident was disclosed by Metromile in its latest 8-K filing with the U.S. Securities and Exchange Commission. The filing stated that the company had fixed the security flaw and was working to notify affected individuals. The company also stated that it had not disclosed the security incident on its website or social media channels. Instead, Metromile planned to notify affected individuals directly.
The motive behind the attack is believed to be personal gain. The hacker's actions suggest that they were seeking to obtain sensitive customer information for financial gain. The exact nature of the hacker's plans for the stolen data is not publicly known. However, it is clear that the hacker's actions were malicious and intended to harm Metromile and its customers.
The incident highlights the importance of securing sensitive customer data and ensuring the integrity of online applications. Companies must take steps to protect their customers' data from unauthorized access and ensure that their online applications are secure. This includes implementing robust security measures, such as encryption and access controls, and regularly testing and updating their systems to prevent vulnerabilities.
Metromile's response to the incident demonstrates the importance of prompt action in containing and remediating security incidents. The company's decision to release software fixes and notify affected individuals quickly helped to prevent further unauthorized access to customer data. Additionally, Metromile's cooperation with security experts and law enforcement demonstrates its commitment to investigating and addressing the incident.
The incident also highlights the need for companies to be transparent about security incidents. Metromile's decision to disclose the incident in its 8-K filing and notify affected individuals directly demonstrates its commitment to transparency. Companies must be willing to disclose security incidents and provide clear information to affected individuals about what happened and what they are doing to address the issue.
Overall, the cyber incident at Metromile highlights the importance of securing sensitive customer data and ensuring the integrity of online applications. Companies must take steps to protect their customers' data and respond quickly and transparently in the event of a security incident.
