New Delhi, December 4: The research wing of CyberPeace on Wednesday claimed that 1.6 crore (16 million) customer records of HDFC Life Insurance are allegedly being sold on a Dark Web forum for 200,000 USDT (Tether cryptocurrency).

The leaked data reportedly contains sensitive customer information, such as policy numbers, names, mobile numbers, dates of birth, email addresses, residential addresses, health status, and more, claimed CyberPeace. Digital Arrest Scams: Government Blocked 1,700 Skype IDs and 59,000 WhatsApp Accounts Used for Fraud, Says Union Minister Bandi Sanjay Kumar.

Late last month, HDFC Life Insurance said there have been some instances of data leaks and they are assessing the potential impact of this breach. "We have received communication from an unknown source, who has shared certain data fields of our customers with us, with mala fide intent," HDFC Life said in a regulatory filing, adding that it continues to investigate this further to assess the potential impact.

According to CyberPeace, the data compromised (16 million records) is being sold in smaller quantities starting from 100,000 records, "with offers for private negotiations for buyers interested in personalised deals". “The identity of the cyber threat actors responsible for this breach remains unknown. CyberPeace's investigation reveals that the hackers have already sold substantial portions of the data to interested parties. 16 million customer records have already been sold, raising significant concerns about misuse and exploitation,” said the cyber-security organisation.

It further stated that “customers face severe privacy violations with their personal details being exposed. This information could be used for phishing scams and targeted attacks”. The leaked policy numbers and personal details could enable identity theft and unauthorised access to financial products or services, CyberPeace said, advising individuals to stay vigilant.

In its regulatory filing, HDFC Life had said a detailed investigation was underway in consultation with information security experts to assess the root cause and take remedial action, as necessary. In October, reports surfaced that customers' data of Star Health was available for sale and hackers put the entire 7.24 TB data, allegedly belonging to its over 3.1 crore customers, for open sale on a website for $150,000. WhatsApp Group Scam in Mumbai: Senior Citizen Loses Over INR 11 Crore in Online Share Trading Fraud.

In a statement, Star Health Insurance had said they were the victim of a targeted malicious cyberattack, resulting in unauthorised and illegal access to certain data, adding that a thorough forensic investigation was underway into the "targeted malicious cyberattack".

(The above story first appeared on LatestLY on Dec 04, 2024 06:32 PM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).