Indian Online Insurer Policybazaar Reports IT Systems Breach


India’s leading online insurance firm Policybazaar announced Sunday that its IT systems were “subject to illegal and unauthorized access.”

In its stock exchange filing, parent company PB Fintech confirmed the July 19 breach, saying that while no “significant customer data” was compromised, it is working with law enforcement in its investigation of the incident.

‘Illegal and Unauthorized Access,’ But No ‘Significant’ Data Exposed

According to Policybazaar’s website, nearly 9 million customers use its services through 50 different insurers. PB Fintech’s notice this Sunday said Policybazaar’s IT systems were breached due to existing vulnerabilities found in the network.

Policybazaar's information security team, together with external advisors, is currently carrying out a detailed investigation and a security audit to pinpoint exactly what happened and what the damage is. The firm said it has reached out to the authorities and will publish further updates for its customers as the situation progresses.

“In this regard, Policybazaar has reached out to the appropriate authorities and is taking due recourse as per law. The identified vulnerabilities have been fixed and a thorough audit of the systems has been initiated,” the firm said in its filing. “While we are in the process of undertaking a detailed review, as of date, our review has found that no significant customer data was exposed.”

AWS Vulnerabilities a Source of Breach?

We also know that Policybazaar migrated its applications to the Amazon Web Services (AWS) Cloud. While this can’t be confirmed, the unspecified vulnerabilities mentioned by PB Fintech could be an AWS misconfiguration.

For instance, in March this year, our security team discovered an AWS S3 bucket misconfiguration that caused the personal data of 500,000 Sephora customers to be exposed. Thanks to our discovery, Sephora closed the breach a few days later. Ironically, a recent annual survey conducted by Policybazaar revealed the importance of cyber insurance.

Another possibility is the presence of a zero-day vulnerability which could have led to data being stolen and sold on the dark web. A few days ago, a similar unidentified cyber attack affected India-based travel booking platform Cleartrip.

Economic Downturn and Cyberattacks Hurting Companies

The firm says it is “India’s best & largest online insurance marketplace,” with over 19 million insurance policies sold in the 13 years of its existence, and that its goal is ending “rampant mis-selling, and preventing policy lapses.”

While PB Fintech has had a great run — valued at over $7 billion at one point in 2021 — the firm’s stock value has plummeted this year to less than half of its debut.

However, it isn’t only the economic downturn hurting firms like Policybazaar. Cyber threats continue to plague companies that operate mostly online. Popular NFT marketplace OpenSea suffered a massive data breach this June.

In April, the fintech newcomer Switch leaked the personal details of thousands of customers. It is no surprise, then, that holding such a massive amount of insurance policy data makes one a clear target for cybercrime.

Tech researcher & communications specialist
Mirza has an educational background in Global Communications and has worked in advertising, marketing, journalism and television over the years while living in several different countries. He is now working to consolidate news and outreach at VPNoverview.com, while in his free time he likes to work on documentary projects, read about sociology and write about world events.