The database has complete details about the customer, their insurance policies and agents
Religare Health Insurance said that it is assessing the concerns raised
Prior to this, Cyble has highlighted data breaches of Unacademy, BEML and others
Dark web sweepers Cyble has claimed that Gurugram-based Religare Health Insurance has lost 5 Mn records of internal data, which are now up for sale. The US-based cybersecurity firm has claimed that the hacked data includes details of Religare and its agents, as well as sensitive information about the company’s clients, including their names, phone numbers, email IDs and dates of birth.
According to a blog post published by Cyble, the leaked database also contains insurance policy details such as customer ID, policy number, start date and end date, along with the name, sum and renewal amount of the policy taken by the customers.
Besides this, the personal and official details of the agents and employees have also been leaked. These include full name, mobile number, date of birth, usernames, password hashes, individual authorisation keys, official email IDs, email signatures containing office addresses and personal mobile numbers, last login and last logout times, and the internal IP address through which they connected to the portal.
Religare Health Insurance has given an assurance that it is working on the concerns raised, saying “since inception, Religare Health Insurance has consistently invested in the effective application of technology to deliver excellence in customer servicing. We continue to implement technology-driven processes that further drive distribution and servicing efficiencies.”
The leak of such sensitive details puts Religare customers at risk of phishing attacks.
“The Indian subcontinent is increasingly facing cyber threats and frauds from various cybercrime groups and actors, including KYC-related frauds. The information exposed on this breach is likely to be used by cybercriminals to carry out fraudulent activities, including identity thefts,” founder and CEO of Cyble Beenu Arora told Inc42 in an email response.
Arora added that a known South Korean threat actor is responsible for the breach. The South Korean attackers have breached a number of high-profile companies, including Zee5 network, e27 and others, Arora added.
He suggested that Religare should consider investigating its internal systems to ascertain the scope of the hack and perform remedial actions immediately. Moreover, the company should consider issuing a data breach notification to the affected parties.
Prior to this, Cyble has highlighted data breaches of companies like Truecaller, Unacademy, Naukri.com, Bharat Earth Movers Limited (BEML) and IndiaBulls. While Unacademy and BEML have accepted the data breach, Naukri.com has alleged that the data found dates back to the years 2006 – 2012, and there is no proof that the data has been collected from Naukri.com even though the file does.