On Wednesday, CyberPeace’s research division asserted that 1.6 crore (16 million) HDFC Life Insurance client records are purportedly being offered for sale on a dark web site for 200,000 USDT (Tether cryptocurrency).
According to CyberPeace, the compromised data includes private client data, including policy numbers, names, phone numbers, dates of birth, email addresses, residence addresses, health status, and more.
HDFC Life Insurance announced late last month that they were evaluating the possible consequences of a data breach and that there had been some instances of data leakage. “We have received communication from an unknown source, who has shared certain data fields of our customers with us with mala fide intent,” HDFC Life said in a regulatory filing, adding that it continues to investigate this further to assess the potential impact.
According to CyberPeace, the data compromised (16 million records) is being sold in smaller quantities starting from 100,000 records, “with offers for private negotiations for buyers interested in personalized deals.”.
“The identity of the cyber threat actors responsible for this breach remains unknown. CyberPeace’s investigation reveals that the hackers have already sold substantial portions of the data to interested parties. 16 million customer records have already been sold, raising significant concerns about misuse and exploitation,” said the cybersecurity organization.
It further stated that “customers face severe privacy violations with their personal details being exposed. This information could be used for phishing scams and targeted attacks”.
CyberPeace warned people to be on the lookout for identity theft and unauthorized access to financial products or services due to the compromised policy numbers and personal information.
In order to determine the underlying reason and take appropriate corrective action, HDFC Life stated in its regulatory filing that a thorough investigation was in progress, including with information security specialists.
The full 7.24 TB of data, purportedly belonging to Star Health’s approximately 3.1 crore users, was put up for sale on a website for $150,000 in October, according to various reports.
Star Health Insurance claimed in a statement that they were the subject of a targeted, harmful cyberattack that led to unauthorized and unlawful access to specific data and that a comprehensive forensic investigation into the “targeted malicious cyberattack” was in progress.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream formerly known as CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, The Mainstream formerly known as CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, The Mainstream formerly known as CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK
