HQ/EMEAFind out how we can help your business
Niva Bupa Health Insurance has launched an investigation into a potential Niva Bupa data leak after receiving an anonymous claim of unauthorised access to its customer information. The company confirmed on Friday that a threat actor contacted them via email, asserting they had obtained sensitive customer data.
Niva Bupa Health Insurance, based in New Delhi, India, is a joint venture between Bupa and True North. It offers health insurance products, focusing on accessible and comprehensive healthcare coverage.
In a public statement, Niva Bupa acknowledged the claim and emphasised that it is treating the matter with urgency. The insurer confirmed that a threat actor had contacted them via email, claiming to possess customer data. The company is actively conducting investigations into the potential data leak and implementing measures to mitigate any risks. However, no further details about the nature or scale of the potential breach were provided.
This incident comes shortly after Niva Bupa’s public listing in November last year, where the company raised Rs 800 crore through a fresh issue of shares. The initial public offering (IPO) also included an offer for sale by Bupa Plc and a special purpose vehicle backed by private equity firms True North and Faering Capital, which held a 17.47% stake as of December 31, 2024.
Niva Bupa’s shareholder base includes notable investors such as Singapore’s state investment firm Temasek and Indian private equity firms A91 Partners and Motilal Oswal Alternates. Temasek and A91 had increased their investments in the insurer ahead of the IPO.
The Niva Bupa data leak marks the latest in a trend of cyber threats targeting Indian insurance firms.
In recent months, HDFC Life Insurance reported a case where customer data was shared with them from an unknown source, while Star Health revealed in August that some customer information, including medical records, had been stolen.
As Niva Bupa continues its investigation, concerns around data privacy and cybersecurity in India’s insurance sector are growing. The company has assured its customers that it is taking all necessary steps to assess the situation and strengthen its security protocols.
Organisations handling sensitive consumer data, particularly those in the financial and health industries, are increasingly exposed to cybersecurity threats, as the Niva Bupa data leak incident makes clear. Preventative action is crucial to avoid similar breaches.
