Online Insurance Hub Exposed Personal Data

FRAMINGHAM (03/24/2000) - An Internet life insurance quotation service inadvertently exposed the medical histories and other personal data of 20 applicants after a minor change to the site introduced a bug.

SelectQuote Insurances Services fixed the problem Wednesday after a customer called the company to complain, said Lyle Griffin, director of technology for the San Francisco-based company.

"What was very surprising about this was that it was supposed to be a very minor, trivial change," Griffin said.

The problem first surfaced Tuesday night when SelectQuote uploaded a small programming change to correct a minor JavaScript error, Griffin said. The change introduced a bug in the session management code. As a result, when a visitor came to the site while another person was applying for an insurance quote, the visitor would see the completed screen and highly personal information of the applicant, including their medical history, Griffin said.

The "embarrassing" problem was fixed the next morning -- March 22 -- and all 20 of the affected people were contacted by SelectQuote, said Griffin.

Griffin said customers took the "serious" breach of privacy in their stride.

Three have applied for insurance with the company, he said.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about SelectQuote Insurances Services

Show Comments