HDFC Life Insurance Company announced Thursday that a data theft reported in November 2024 has been fully resolved, and resulted in no material adverse impact. The company stated it engaged leading information security experts to conduct a comprehensive assessment of the incident, including a compromise assessment of its IT systems.
In a regulatory filing, HDFC Life provided an update on the data theft, noting, “The assessments have now been completed, revealing that the unauthorized exploitation was confined to a specific, identified issue. This issue has since been promptly addressed and remediated.”
Following the incident, HDFC Life has also implemented enhanced security protocols to strengthen its IT infrastructure and protect customer data. “The company is fully committed to maintaining the highest standards of cyber security and data protection and has instituted several measures that will help strengthen the same,” the company stated.
In November, HDFC Life informed exchanges it had received communication from an unknown source who shared certain customer data fields with “mala fide intent.” The company responded by initiating an information security assessment and data log analysis. HDFC Life stated at the time, “A detailed investigation is underway in consultation with information security experts to assess the root cause and take remedial action, as necessary. We continue to investigate this further to assess potential impact and are making this disclosure as a matter of good governance. We will take utmost care to handle concerns of our customers and take actions to safeguard their interest.”
In January, HDFC Life released its fiscal third quarter earnings report, showing a 15% jump in consolidated net profit to Rs 421.31 crore. Net premium income in Q3FY25 increased by 10% to Rs 16,832 crore.
