Policybazaar Believes Attack On Its IT Infrastructure Did Not Expose Consumer Data
News Synopsis
"Certain vulnerabilities were detected in a part of Policybazaar Insurance Brokers' ("Policybazaar") IT systems and the same were exposed to illegal and unauthorised access," Policybazaar stated in a regulatory filing with the Bombay Stock Exchange (BSE).
Policybazaar responded to the attack by saying that it had been in touch with the relevant authorities. The petition also stated that "Policybazaar has contacted the appropriate authorities and is initiating the necessary legal action." In the case of Policybazaar, while the volume and the nature of the data leaked are still under wraps, it does not have the luxury to deny it altogether, being a listed company. The company is bound to reveal the full extent of the data leak after its review and audits are completed.
In FY22,PB Fintech, the parent company of Policybazaar, reported a 454% increase in its net loss to INR 832.91 Cr. While its total income rose 62% in FY22, Policybazaar's expenses also shot up 116% during the same time. Policybazaar responded to the attack by saying that it had been in touch with the relevant authorities. The petition also stated that "Policybazaar has contacted the appropriate authorities and is initiating the necessary legal action."
While the vulnerabilities found have been patched, according to Policybazaar, an audit is being conducted to accurately determine the harm. The leading insurtech company also stated that its information security team was evaluating the situation with the help of outside advisers.
Additionally, Policybazaar added that "no important client data was exposed," adding that they would provide an update on the situation later.
India's cybersecurity architecture came under scrutiny last year as a result of some spectacular data thefts that occurred there. One of the biggest data breaches of this kind occurred at MobiKwik in early 2021, when 8.2 TB of data exposed the sensitive information of 110 Mn consumers.
Although the IPO-bound company initially denied it, the data leak was later confirmed by consumers and other independent researchers. The major in payments responded in a far less than optimal manner. Another significant data breach that occurred in 2021 involved Domino's India, when information on more than 250 employees and 180 million customer orders was exposed and sold on the dark web.
According to cybersecurity experts, this information relating to Domino's orders includes names, email addresses, mobile numbers, GPS coordinates, and more. The number and kind of the data that was leaked in the case of Policybazaar are yet unknown, but being a publicly traded firm, it is unable to completely refute it. When the company's study and audits are finished, it is required to disclose the full nature of the data leak.
The parent company of Policybazaar, PB Fintech, recorded net loss for FY22, coming in at INR 832.91 Cr. While Policybazaar's overall revenue increased by 62 percent in FY22, expenses increased by 116 percent at the same time.
You May Like
