Irdai to increase scrutiny of cyber security breaches after Star Health episode
Irdai is intensifying scrutiny of cybersecurity lapses in the insurance sector following a major data breach at Star Health Insurance. Over 31 million customers' data was compromised. The regulator has mandated an extensive audit of Star Health's ...
Over 31 million customers' sensitive personal information was allegedly sold to hackers, seen as one of the most severe breaches in the insurance industry.
"Irdai sees this data leak as a very serious issue," a person said, adding that other insurers would also need to review their data security policies. "As more sensitive data flows into insurance firms, there is a need for stronger cybersecurity. The regulator wants to ensure that every insurer applies the best possible security measures, including regular audits and updates to safeguard data."
Irdai will wait for an audit report to identify the gaps and issue instructions. The regulator has asked Star Health to extensively audit the company's cybersecurity framework. The audit, led by an external firm, is expected to identify control gaps and recommend compliance measures to prevent future data thefts.
The breach, linked to the company's chief information security officer (CISO) Amarjeet Khanuja, surfaced after a hacker going by the alias "xenZen" claimed Khanuja had sold the data and later tried to renegotiate for more money in exchange for continued backdoor access.
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.