International Health Company Looses 547,000 Customers Records
Posted by: Timothy Weaver on 07/14/2017 01:36 PM
[
Comments
]
An angry employee of the United Kingdom-based international health insurance company Bupa got into their server and copied and deleted the records of more than 500,000 customers.
The company is in the process of contacting about 547,000 customers. Bupa has informed customers that the breach was not the result of a cyberattack but rather the deliberate act of an employee who has since been dismissed.
The data stolen and deleted included the names, dates of birth, nationalities, and contact and administrative details including Bupa insurance membership numbers.
Sheldon Kenton, managing director of Bupa Global, said: “A thorough investigation is underway and we have informed the FCA [Financial Conduct Authority] and Bupa’s other UK regulators.”
The ex-employee has posted the data on the now defunct dark website AlphaBay in late June.
"Unfortunately, the data revealed from this breach is the type that criminals can use to launch additional attacks,” Marco Cova, senior security researcher at cybersecurity firm Lastline told International Business Times.
“They merge data from multiple sources, building dossiers on potential victims, including spear phishing targets. The information that they gather does not have to be highly confidential in order to create successful attacks.”
Customers are being cautioned to keep a vigilant eye on their personal information.
Source: IBTimes
The company is in the process of contacting about 547,000 customers. Bupa has informed customers that the breach was not the result of a cyberattack but rather the deliberate act of an employee who has since been dismissed.The data stolen and deleted included the names, dates of birth, nationalities, and contact and administrative details including Bupa insurance membership numbers.
Sheldon Kenton, managing director of Bupa Global, said: “A thorough investigation is underway and we have informed the FCA [Financial Conduct Authority] and Bupa’s other UK regulators.”
The ex-employee has posted the data on the now defunct dark website AlphaBay in late June.
"Unfortunately, the data revealed from this breach is the type that criminals can use to launch additional attacks,” Marco Cova, senior security researcher at cybersecurity firm Lastline told International Business Times.
“They merge data from multiple sources, building dossiers on potential victims, including spear phishing targets. The information that they gather does not have to be highly confidential in order to create successful attacks.”
Customers are being cautioned to keep a vigilant eye on their personal information.
Source: IBTimes
Comments
