Online insurer Policybazaar says customer data was exposed by ‘unauthorized access’ – TechCrunch

Indian online insurer Policybazaar said on Sunday that “illegal and unauthorized access” were made to its IT systems but its review found that “no significant” customer data was exposed — or in other words, some was.

Policybazaar, which sells a range of insurance coverage, said in a stock exchange filing that it is engaging with authorities to take recourse.

The firm claims on its website that it serves over 9 million customers.

PB Fintech, the holding firm of Policybazaar, which went public last year and whose shares are trading at less than half of the debut price, said its review identified “certain vulnerabilities” in the IT systems and it has patched them.

It did not identify what all customer data had been exposed, whether there was a data breach by an attacker, or how many times the vulnerabilities were exploited.

“The identified vulnerabilities have been fixed and a thorough audit of the systems has been initiated. The matter is currently being reviewed by the information security team along with external advisors,” the company said.