SBN

PolicyBazaar: Cyberattack Breaches IT System, No Significant Data Lost

PB Fintech, Policybazaar’s parent company, reported a data breach on July 19, 2022 when certain vulnerabilities in a part of Policybazaar Insurance Brokers Private Limited’s (Policybazaar) IT systems were subjected to illegal and unauthorized access. 

The online insurance distributor disclosed the breach on July 24, 2022, claiming that no significant customer data was compromised after the information security team, along with external advisors, reviewed the issue. 

The company reassured that the vulnerabilities were fixed and a thorough audit of the systems has been initiated to solidify the security of their IT systems. “Policybazaar has always prioritized the security and integrity of its systems and is committed towards protection of customer data,” the notification to the stock exchanges read.

Fintech Industry’s Threat Landscape

Earlier this month, Cleartrip reported a major data breach that landed its customer data and internal documents on the dark web. PolicyBazaar’s breach may not have been as disastrous, but it holds great significance, considering that the insurance brokerage firm stores a huge amount of its policyholder’s data, including their transactions. 

Despite its sophisticated services, Fintech remains a prime target for cybercriminals owing to its third-party, unprotected facilities, using which, the attackers can easily gain unauthorized access to steal customer/financial data, intellectual property, trade secrets or corporate strategies. The data breaches financial organizations undergo not only affect loyal customers, but also cause lasting damage to the targeted organization.

Some of the recent security incidents in Fintech includes – 

  1. DDoS Attack – Sberbank (May 6, 2022)

The largest financial institution in Russia, Sberbank, faced a DDoS attack, recorded as the largest in its history of 450GB per second, owing to the ongoing war between Russia and Ukraine. The attack was backed by a botnet which compromised devices from all over the United States, the United Kingdom, Taiwan and Japan.

  1. Cryptocurrency Theft – BeanStalk Farms (April 17, 2022)

The decentralized finance (De-Fi) project, BeanStalk Farms, lost approximately $182 millions in Cryptocurrency to cybercriminals when the attackers exploited their majority vote governance systems, a core component of many DeFi protocols. The finance platform tried to negotiate with the attackers by offering them 10% as ‘Whitehat bounty’ in return for 90% of the stolen cryptocurrency.

  1. Data Breach – CashMama (April 6, 2022)

CashMama, an Indian, now defunct, money lending platform, suffered a devastating data breach that exposed the details, such as full names, dates of birth, home address, bank account details and many more such information, of thousands of Indians. The hackers exploited the loan app’s AWS S3 bucket which was seemingly left open. The breach also compromised phone data for Vayloan, including SMS messages, contacts, fingerprint data and device information.

What Makes Financial Services An Ideal Target?

The past few years have seen a drastic change in banking as new technologies have taken over the way we access and generate data. Now-a-days, people can easily access their information via online banking, e-commerce platforms and mobile applications, but the more these services prove their usefulness, the more vulnerable organizations become due to cashless payments. 

Superior technology has provided cybercriminals with better opportunities to regularly infiltrate and exploit data, gain access to sensitive information, disable devices and, in worst cases, sell valuable information to competitors or marketing agencies via various channels.   

Trending cyber crimes in the Fintech industry –

  1. Application Security Risk

Many banks rely on applications to access their customers’ real-time financial data, which is why, if a software application does not possess sturdy security and efficient codes, it automatically becomes vulnerable to cyber risks. The attacker can easily exploit these weak security measures to steal sensitive customer information.

  1. Cloud Security Risk

In terms of data security, cloud-based solutions hold significant dominance over the Fintech industry. However, no matter how secure their data storage services are, lack of adequate security practices can lead to corruption of valuable data. 

  1. Data Identity Risk

Digitization in the banking and the finance industry has promoted the use of mobile-based services utilizing one-time passwords and security codes. These codes and passwords stand vulnerable to exploits as easy access due to faulty systems can lead to their corruption. The financial institutions need robust security architecture to address such issues. 

  1. Data Integrity Risk 

This technological era enabled people to access their accounts and transfer funds easily through their mobile phone applications, which provide customers ease and quick workflows. Nevertheless, if proper encryption algorithms are not implemented by financial institutions, integrity issues can occur.

  1. Money Laundering Risk

Since Fintech-driven banks employ cryptocurrency which is not formally regulated by any set of standards and regulations, it can lead to illegal money laundering and even terrorist funding due to Fintech’s pseudonym nature, which makes the identification of the beneficiary in any Fintech-enabled transaction impossible. 

What Can Be Done?

Building an ecosystem free of cyber-risk is a fundamental issue for Fintech companies, the future of our financial system. In that case, the following measures can assist Fintech to tighten their cybersecurity systems –

  1. Compliance – To ensure a risk-free environment, the organizations must comply with the protocols and regulations initiated by various organizations and governments, such as PCI-DSS and GDPR, for data confidentiality, integrity, availability and data privacy, as well as to reduce the risk of breaches.
  1. Security Testing – Regular penetration testing, such as Web/Mobile Application Testing and Cloud Penetration Testing, of an organization’s valuable assets and internal systems uncovers the potential vulnerabilities that cybercriminals can later exploit. It reduces the risk of a data breach, and helps strengthen the company’s IT environment.  
  1. Risk Management – Before implementing any cybersecurity measures, it is essential to fully assess and understand the elements posing risk to an organization’s infrastructure to construct a vigorous risk management regime that can later prove worthy in case of a cyber attack. 

Secure Your Infrastructures With Kratikal 

Kratikal is a CERT-In empanelled security solutions firm, offering a complete suite of both manual and automated VAPT services, such as Web/Mobile Application Penetration Testing, Cloud Penetration Testing, Network Penetration Testing, and many more to ensure the security of your IT infrastructure. 

Along with our VAPT services, we provide security auditing for Compliance, like PCI-DSS, ISO/IEC 27001, GDPR, HIPAA, and others. Complying with these cybersecurity measures can reduce the threat of data breaches looming over Fintech, one of the industries that we serve.

The frequent data breaches in the Fintech industry highlights all its vulnerabilities to the world. PolicyBazaar is the latest example, indicating what vulnerabilities can do to a successful organization.

What do you think about the incident? Share your thoughts in the comments below!

The post PolicyBazaar: Cyberattack Breaches IT System, No Significant Data Lost appeared first on Kratikal Blogs.

*** This is a Security Bloggers Network syndicated blog from Kratikal Blogs authored by Ishita. Read the original post at: https://www.kratikal.com/blog/policybazaar-cyberattack-breaches-it-system-no-significant-data-lost/