PolicyBazaar Admits Their System Was Hacked On This Date; Issue Has Been Resolved, Audit Starts
The IT system of PB Fintech, the parent company of Policybazaar Insurance Brokers Private Ltd was hacked on July 19, the company informed on Sunday.
Further adding that the subsequent corrective action was taken.
Unspecified Security Incident
Policybazaar said that it was subject to an unspecified security incident but found that “no significant” customer data was exposed — or in other words, some was.
The insurance company did not identify what all customer data had been exposed, whether there was a data breach by an attacker or how many times the vulnerabilities were exploited.
Also, it did not immediately respond to a request for comment.
How Did This Happen?
IT all started on July 19, when the company identified certain vulnerabilities in a part of Policybazaar Insurance Broker’s IT systems.
Basically, it was leading to illegal and unauthorized access to the network.
The insurance brokerage firm said, “In this regard, Policybazaar has reached out to the appropriate authorities and is taking due recourse as per law. The identified vulnerabilities have been fixed, and a thorough audit of the systems has been initiated,” in a regulatory filing.
Review In Progress
Presently, the information security team is reviewing the matter along with external advisors, the company said.
Adding, “While we are in the process of undertaking a detailed review, as of date, our review has found that no significant customer data was exposed. Policybazaar has always prioritized the security and integrity of its systems and is committed towards protection of customer data,”.
Coming to Policybazaar, it is into insurance brokerage and stores lots of data about its policyholders, including their transaction details.
Indian online insurer claims on its website that it serves over 9 million customers, so far.