India’s Cyber Insurance Gaps Exposed by Massive 16 Billion Record Data Breach
A recent leak of over 16 billion online credentials has triggered fresh concerns among India’s cyber insurance and risk management community. Experts warn that businesses are neither sufficiently protected nor adequately prepared to deal with the financial and legal impact of large-scale cyber incidents. The leaked data, sourced from over 30 breaches both old and recent, has heightened the risk of credential stuffing, identity theft, and account hijacking.
Insurers and analysts say this is a wake-up call not just for individuals but also for enterprises that continue to undervalue cyber insurance despite growing regulatory pressure under the Digital Personal Data Protection (DPDP) Act. S Vishwanathan, Chief Technical Officer โ Underwriting and Reinsurance at SBI General Insurance, noted that while awareness is improving, many firms handling vast amounts of data still opt for low coverage limits, which may prove insufficient under the DPDP Act.
The limited reinsurance capacity in the Indian market, particularly for high-value policies, is prompting insurers to turn to overseas reinsurers for support. Sandeep Dadia, CEO and Country Head at Lockton India, highlighted the low awareness around third-party liability in India, warning that the gap in liability insurance penetration leaves businesses exposed.
Amarnath Saxena, Chief Technical Officer โ Commercial at Bajaj Allianz General Insurance, pointed out that poor digital habits can lead to organization-wide vulnerabilities. He added that cyber insurance now acts as a tool to enforce better security practices through audits, policy design, and risk assessments.
The scale of the leak has shifted how risk is assessed. Evaa Saiwal, Head โ Liability and Cyber Insurance at Policybazaar for Business, noted that insurers are now demanding multi-factor authentication, endpoint protection, and dark web monitoring as minimum conditions for coverage.
Parthanil Ghosh, Executive Director at HDFC ERGO General Insurance, emphasized that cyber incidents carry financial, legal, and reputational consequences. With increasing scrutiny under laws like the DPDP Act, cyber liability cover has become essential for business continuity across sectors.
