The Insurance Regulatory and Development Authority of India, or IRDAI, has allegedly suffered from a cyberattack from a still unknown threat group. These findings are from our dark web team in iZOOlogic’s discoveries during a routine investigation within the cybercrime landscape.
Though the incident is still under investigation, it shows that numerous life and non-life insurance institutions in India have been impacted by the attack, including Aegon Life Insurance, Reliance Life Insurance, ICICI Prudential Life Insurance, Agriculture Insurance Co. of India Ltd., Cholamandalam MS General Insurance Co. Ltd., and Royal Sundaram Alliance Insurance Co. Ltd.
The leaked insurance documents from the affected firms include personal and confidential information, compliance documents, brokers’ and insurers’ checklists, and employee databases.
IRDAI is India’s supreme authority regarding the country’s insurance market.
The insurance industry in India has been primarily regulated and developed by IRDAI since its establishment. The organisation guides the country’s insurance market and promotes efficient insurance, life and non-life, business by regulating and policing rates and other insurance-related charges.
Additionally, the Indian insurance organisation aims to protect policyholders’ interests by quickly settling insurance claims and preventing fraud and malpractices. As of September 2020, 31 general and 24 life insurance firms enlisted with the IRDAI. These numbers of companies associated with the organisation imply that a cyberattack incident would affect the data of numerous individuals involved under IRDAI’s supreme authority.
IRDAI also pledges to protect its clients against coverage of losses in insurance policies and prescribing terms and conditions for insurance coverage by the policyholders. Any insurance firms that fail to comply with the rules of the supreme insurance authority can be penalised accordingly.
Since this cyberattack issue is yet to be fully confirmed, our dark web researchers in iZOOlogic will continue to probe the underground landscape and share updates as they emerge. For now, people that could be affected by the alleged attack on IRDAI must be vigilant and report to authorities if suspicious activities relating to the illegal use of their data transpires.
