Have reached out to the appropriate authorities, taking due recourse as per law: Policybazaar
The listed startup added that while the vulnerabilities detected were fixed, an audit was underway to properly assess the damage
Adding to that, Policybazaar said that “no significant customer data was exposed,” with an update to come in the future
After its IT systems suffered an attack, insurtech major Policybazaar said the same did not result in significant exposure of customer data.
Policybazaar said in a regulatory filing with the Bombay Stock Exchange (BSE), “Certain vulnerabilities were identified in a part of Policybazaar Insurance Brokers (“Policybazaar’’) IT systems and the same were subject to illegal and unauthorized access.”
In response to the attack, Policybazaar said that it has reached out to authorities in relation to the same. “Policybazaar has reached out to the appropriate authorities and is taking due recourse as per law,” the filing added.
Policybazaar said that while the vulnerabilities detected were fixed, an audit was underway to properly assess the damage. The insurtech major added that its information security team was working with external advisors for reviewing the matter.
Adding to that, Policybazaar said that “no significant customer data was exposed”, with an update on the matter to come in the future.
Last year, the country saw some stunning data leaks, putting a question mark on India’s cybersecurity infrastructure. One of the most significant data leaks of its kind happened at MobiKwik when around 8.2 TB of data was leaked in early 2021, exposing sensitive data of 110 Mn customers.
While the IPO-bound company denied the same back then, the users and multiple independent researchers were able to corroborate the data leak. The response from the payments major was also far from ideal.
Another big data leak that happened in 2021 was at Domino’s India, which saw details of over 250 employees and 180 Mn customer orders leaked and being sold on the dark web.
This included names, email IDs, mobile numbers, GPS coordinates and more related to Domino’s orders, according to cybersecurity researcher Rajshekhar Rajaharia.
In the case of Policybazaar, while the volume and the nature of the data leaked are still under wraps, it does not have the luxury to deny it altogether, being a listed company. The company is bound to reveal the full extent of the data leak after its review and audits are completed.
In FY22, PB Fintech, the parent company of Policybazaar, reported a 454% increase in its net loss to INR 832.91 Cr. While its total income rose 62% in FY22, Policybazaar’s expenses also shot up 116% during the same time.
PB Fintech’s shares opened at INR 502. 85 apiece on Monday, 3.32% lower than the last close.