Noblr Car Insurance

Noblr Car Insurance was unexpectedly hidden by a cyber attack as a result they noticed unusual quote activity consisting of a spike in unfinished quotes through its instant quote webpage that exposed 97,633 consumers' information.

The attackers appear to have already been in possession of the names and dates of birth of consumers and then used that information to obtain additional personal information through Noblr’s instant quote platform.

Noblr’s security team investigated the incident and started blocking suspicious IP addresses.

When Noblr discovered that the attackers had access to driver's license numbers, Noblr changed its instant quote system to bar the attackers from getting access in the future and implemented other security measures to stop these attacks.

Source: https://www.databreaches.net/noblr-reciprocal-exchange-to-notify-97633-consumers-of-breach-involving-insurance-quote-platform/

TPRM report: https://scoringcyber.rankiteo.com/company/noblr

"id": "nob18262123",
"linkid": "noblr",
"type": "Breach",
"date": "05/2021",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'customers_affected': '97,633',
                        'industry': 'Insurance',
                        'name': 'Noblr Car Insurance',
                        'type': 'Company'}],
 'attack_vector': 'Exploitation of Instant Quote Webpage',
 'data_breach': {'number_of_records_exposed': '97,633',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Dates of Birth',
                                              "Driver's License Numbers"]},
 'description': 'Noblr Car Insurance experienced a cyber attack where '
                'attackers exploited their instant quote webpage to obtain '
                'additional personal information of consumers, exposing 97,633 '
                "consumers' information.",
 'impact': {'data_compromised': "Driver's License Numbers, Names, Dates of "
                                'Birth',
            'identity_theft_risk': 'High',
            'systems_affected': 'Instant Quote Webpage'},
 'initial_access_broker': {'entry_point': 'Instant Quote Webpage',
                           'high_value_targets': "Driver's License Numbers"},
 'investigation_status': 'Ongoing',
 'motivation': 'Unauthorized Access to Personal Information',
 'post_incident_analysis': {'corrective_actions': ['Blocking Suspicious IP '
                                                   'Addresses',
                                                   'Changing Instant Quote '
                                                   'System',
                                                   'Implementing Other '
                                                   'Security Measures'],
                            'root_causes': 'Exploitation of Instant Quote '
                                           'Webpage'},
 'references': [{'source': 'Cyber Incident Description'}],
 'response': {'containment_measures': ['Blocking Suspicious IP Addresses',
                                       'Changing Instant Quote System'],
              'incident_response_plan_activated': 'Yes',
              'remediation_measures': ['Implementing Other Security Measures']},
 'threat_actor': 'Unknown',
 'title': 'Cyber Attack on Noblr Car Insurance',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Instant Quote Platform'}