The incident follows other high-profile breaches in the Indian insurance sector, raising alarms about the state of cybersecurity among insurers
HDFC Life has disclosed a data leak involving certain customer information and has launched a detailed investigation with the help of information security experts to determine the root cause and take necessary corrective actions. The company made the announcement in a regulatory filing, ensuring transparency and adherence to good governance practices.
In its statement, HDFC Life said, *“We wish to inform you that we have received communication from an unknown source, who has shared certain data fields of our customers with us, with mala fide intent.”* While the extent of the breach is yet to be determined, the company assured customers that their concerns would be handled with utmost care and measures would be taken to safeguard their interests.
The incident follows other high-profile breaches in the Indian insurance sector, raising alarms about the state of cybersecurity among insurers. Recently, Star Health and Allied Insurance suffered a significant data breach involving the personal details of approximately 31 million customers. The leaked data, estimated to be around 7.24 terabytes, reportedly included names, addresses, phone numbers, tax details, and sensitive medical records of policyholders.
The Star Health breach allegedly stemmed from a hacker’s claim that the company’s Chief Information Security Officer (CISO), Amarjeet Khanuja, was involved in selling the data for $150,000. In response, Star Health initiated a forensic investigation with independent cybersecurity experts to assess and address the breach.
Similarly, Tata AIG has also faced a data leak incident in recent months. In light of these events, the Insurance Regulatory and Development Authority of India (Irdai) has directed two insurers to conduct audits of their IT systems to strengthen their data protection measures. While Irdai did not disclose the names of the insurers, it reiterated its commitment to taking data breaches seriously and ensuring policyholders’ interests remain safeguarded.
These breaches highlight the growing cybersecurity challenges in India’s insurance industry, where sensitive customer data is increasingly at risk. The incidents underscore the urgent need for robust security measures and proactive risk management to prevent such occurrences in the future.
As HDFC Life continues its investigation, the company has emphasised its commitment to transparency and customer protection. *“We will take utmost care to handle the concerns of our customers and take actions to safeguard their interests,”* the company stated.
