Recently I discovered a non-password protected database that contained scans and images of vehicle registrations, division of motor vehicle registration applications, certificate of insurance cards, vehicle titles, driver’s licenses, state medicaid health coverage cards, and more. Upon further research all of the policies I saw listed USA Underwriters as the primary insurer. I immediately sent a responsible disclosure notice by email to USA Underwriters regarding my findings. Later I spoke with an employee of USA Underwriters who told me these records and database belonged to a third-party vendor named RateForce. This also matched the name of the database which was listed as “RF******Prod”(redacted for security reasons). RateForce provides a platform to compare car insurance quotes online and, according to their website, they have provided nearly 11 million quotes since 2014. In 2021, RateForce, LLC ranked #2 on the Inc. 5000 list of fastest-growing private companies in the insurance industry. The
Stay ahead of cyber threats with Security Discovery. We offer expert consulting, comprehensive services, and a powerful vulnerability monitoring SaaS platform. Protect your business proactively - get in touch today for personalized digital security solutions.