Auto Insurance Provider Exposed 250k Documents Online

Jeremiah Fowler

Jeremiah Fowler

Director of Security Research and Senior Communications Consultant

2 minutes read
Auto Insurance Provider Exposed 250k Documents Online - Security Discovery

Recently I discovered a non-password protected database that contained scans and images of vehicle registrations, division of motor vehicle registration applications, certificate of insurance cards, vehicle titles, driver’s licenses, state medicaid health coverage cards, and more. Upon further research all of the policies I saw listed USA Underwriters as the primary insurer. I immediately sent a responsible disclosure notice by email to USA Underwriters regarding my findings. Later I spoke with an employee of USA Underwriters who told me these records and database belonged to a third-party vendor named RateForce. This also matched the name of the database which was listed as “RF******Prod”(redacted for security reasons). RateForce provides a platform to compare car insurance quotes online and, according to their website, they have provided nearly 11 million quotes since 2014. In 2021, RateForce, LLC ranked #2 on the Inc. 5000 list of fastest-growing private companies in the insurance industry. The

Details of what the database contained

Read my full report here.

← Back to Blog

Got your attention?

Stay ahead of cyber threats with Security Discovery. We offer expert consulting, comprehensive services, and a powerful vulnerability monitoring SaaS platform. Protect your business proactively - get in touch today for personalized digital security solutions.

Business Development
Virginia, United States
Research & Development
Kyiv, Ukraine
Technical HQ
Hamburg, Germany