Indian online insurer Policybazaar said on Sunday it was the subject of an unspecified security incident, but found that “no meaningful customer data” was exposed – or in other words, some were.
Policybazaar, which sells a range of insurance cover, said in a stock market filing that its computer systems were subject to “unlawful and unauthorized access” and that it is engaging with authorities to seek redress.
The company claims on its website that it serves more than 9 million customers.
PB Fintech, the holding company of Policybazaar, which went public last year and whose shares are trading at less than half the original price, said its review had identified “certain vulnerabilities” in IT systems and had them corrected.
It did not identify all of the customer data that had been exposed, whether there had been a data breach by an attacker, or how many times the vulnerabilities had been exploited. He did not immediately respond to a request for comment.
“The identified vulnerabilities have been corrected and an in-depth systems audit has been launched. The matter is currently being reviewed by the Information Security team with external advisors,” the company said in the filing, which you can read below.