Singapore Insurance Agency AXA Suffers Data Breach Affecting Thousands of Customers

Brian Erickson | September 11, 2017

Organizations hold such a large amount of data that it is basically suicide for them to have lacking cyber security. This is what leads to many different breaches continuing to occur all over the world. A single vulnerability or incorrect setting can lead to cyber criminals gaining access to various types of sensitive information. There are organizations suffering these types of incidents virtually every day. In a recent event, a data breach of AXA Insurance in Singapore exposed the personal information of thousands of their customers.

What Data Was Affected by the Breach

AXA had sent an email to most of those affected on September 7 to notify them of the breach, and the rest are to be notified by the 8th. The email said that a recent cyber attack had resulted in the personal information of about 5,400 customers on their Health Portal had been compromised. The data compromised in the attack included email addresses, mobile numbers, and dates of birth. Fortunately, no highly sensitive data was affected, such as addresses, NRIC numbers, credit card numbers, claims history, or bank details. Although, an official from AXA warned customers to be on the lookout for phishing attacks, as criminals may try to employ the stolen information in a campaign. AXA has since addressed the security point and said that the Health Portal is now secure. There does not appear to be any reports in regard to the vulnerability that allowed for this to occur, nor whether they have attempted to trace the perpetrator. The chief executive officer of AXA had skirted questions regarding when the breach happened and when it was discovered, but he did say that a review of their IT systems was underway.  Perhaps, as they investigate the incident further, more information will come to light about the attack.

It seems that AXA is handling the breach quite well, being that they immediately directed their efforts toward securing the vulnerability and notifying those affected. These are both vital steps in handling a breach, and organizations that lackadaisically address an incident like this can find themselves in an even worse condition. Data breaches and cyber attacks can result in heavy reputation and customer trust damage, and these damages can multiply when the organization does not display adept handling. Organizations hold heavy responsibility for the data of their customers, and they must show that they are focused on remediating any compromise of that data. Otherwise, customers may feel insecure about working with that organization and end up taking their business elsewhere.

Using Data Breach Solutions to Mitigate an Incident

When an organization suffers a breach, there is a series of actions that they must immediately undertake to handle it, which come under the heading of data breach solutions. This includes actions like patching the hole or vulnerability, removing traces of data from the web, notifying those affected, bolstering security, and tracing an attacker. Incompetent handling of any of the above factors can exacerbate the breach, and sometimes even cause an organization to fail. Organizations that lack the necessary resources to complete all of the above should enlist outside assistance. This may be expensive, but it is much more ideal than a negligent handling. With professional outside help, the incident can be mitigated to the fullest possible extent. Massive Alliance provides comprehensive data breach solutions that can help organizations of all types and sizes to come back from a breach.

Realistically, it is possible to come back from a breach in most cases, but this is often only feasible if it is adeptly handled and mitigated.

Operations Manager
Avid documenter of all things risk. Passionate about protecting people, property, and performance (PPPP) against risks. Enjoys advanced technology-led resilience solutions which identify relevant threats, warn those affected, and prescribe what action to take.