HDFC Life Insurance Company on Thursday said that the data theft that was reported in November 2024, did not result in any adverse material impact and has been resolved. The company said that it has engaged leading information security experts to conduct a comprehensive information security assessment into the incident, along with a compromise assessment of the Company’s IT systems.
In a regulatory filing, HDFC Life provided an update on the data theft as it said, “The assessments have now been completed, revealing that the unauthorized exploitation was confined to a specific, identified issue. This issue has since been promptly addressed and remediated.”
In response to the incident, HDFC Life has also implemented enhanced security protocols, to further strengthen its IT infrastructure and safeguard customer data. “The company is fully committed to maintaining the highest standards of cyber security and data protection and has instituted several measures that will help strengthen the same,” it said in a statement.
Earlier in November, HDFC Life had informed the exchanges that it has received communication from an unknown source, “who has shared certain data fields of our customers with us, with mala fide intent”. It had further said, “We value the data privacy of our customers and as an immediate measure, we have initiated an information security assessment and data log analysis. A detailed investigation is underway in consultation with information security experts to assess the root cause and take remedial action, as necessary. We continue to investigate this further to assess potential impact and are making this disclosure as a matter of good governance. We will take utmost care to handle concerns of our customers and take actions to safeguard their interest.”
In January, HDFC Life had released its fiscal third quarter earnings report with a 15 per cent jump in its consolidated net profit at Rs 421.31 crore. The net premium income in Q3FY25 went up by 10 per cent to Rs 16,832 crore.