Policy Watch
Insurance Fraud: Nexus & Lapses By Insurance Companies, Agents, Brokers, Regulators Key Behind Huge Data Leak, FCRF Panel Recommends 7 Solutions
NEW DELHI: A common man can take insurance to safeguard himself from unforeseen challenges, but what if his/her personal data gets misused to take away their hard-earned money. Something similar is happening every day in India’s insurance sector. Cyber criminals are using insurance customers’ personal and sensitive data to cheat them.
Unfortunately, such scams have become so rampant that this illegal trade has turned into a multi-crore industry. Insurance regulators and insurance companies have done little to ensure safety of their customers’ data, which they are mandated to do.
In almost all the cases of insurance-related frauds, law enforcement agencies have data of leading insurance companies with the criminals. In fact, this data is bought at dirt-cheap prices by conmen and then further used as fuel to spread their scam.
ALSO READ: Massive Data Leak Of Major Insurance Companies Led To 50 Cr Fraud, UP STF Arrest 9
HOW DO SCAMMERS GET INSURANCE DATA?
There are multiple loopholes in the systems, but the most common of them is data leak by an insider or employee against a payment. Third-party companies working with insurance giants are also to be blamed who in many cases are found loosely handling sensitive data. At times hackers also find out security loopholes in company’s data storage and leak entire data on the darkweb or internet. However, it is the duty of insurance company to identify and fix these gaps.
WHAT DO SCAMMERS DO WITH THE DATA
Data works as the main raw material for this business. Once the data of a customer is with a criminal they know everything about their target. His age, address, email, mobile, bank details, finances, health status, family members etc. These vital information help the criminals manipulate their targets. They sometimes pose as insurance executives and give bonuses, offers or even threats of policy getting lapse to get their banking details.
The researchers of Future Crime Research Foundation (FCRF), after examining recent scams and cases of insurance frauds, sent out some recommendations that the insurance sector must have taken into account. The panel also directed questions on insurance stakeholders and their accountability when such frauds take place.
1: Why insurers are not taking any action against the IS Auditors who have just issued ISO 27001 compliance certificates without doing proper auditing? CERT should find out who these Information Security auditors are and must cancel their empanelment if found to be neglecting their duties.
2: What is the CISO of Insurer is doing? He should either be sacked or demoted if found at fault.
3: IRDA must be pulled up by Finance Ministry as the regulator has completely failed in supervising duty.
4: What are the State Adjudicators posted under IT Act 2000 are doing in terms of imposition of fines on insurers?
5: What about the internal investigation? Who conducted forensic audits after data breach came in to light?
6: Why LEAs/ Police is not starting a suo-motto case implicating insurers as data breach is a cognisable criminal offence in IT Act 2000 (amended 2008)
7: What is the Board of insurance company doing? Why should the board must not be held accountable for such serious lapse under Company Act, 2013 and for failing in their statutory duty of fraud risk management?
Researchers of Future Crime Research Foundation are requesting Finance Ministry to look into these serious negligent conducts of insurers and set up a high-level enquiry to find out the nexus behind such malpractices. Finance Ministry may refer this case to CBI or SFIO for fair investigation.
TIMELINE OF INSURANCE FRAUD IN UP:
– August 2015: FIR at Hazratganj, Lucknow – 5 Lakh data of ICICI Prudential, HDFC Life, Bharti Axa, Aegon Life, Future Generali (FG) was found from criminals. 5, 000 people were duped of Rs 50 cr. 89 people were arrested from Delhi’s Janakpuri area.
– October 2015: FIR at Gosaigunj, Lucknow – 5 Lakh data belonging to ICICI Prudential, HDFC Life, Bharti AXA, Reliance Life Insurance, Aegon Life, Exide Life, Birla Sun Life, Future Generali. 65,000 people across India duped of over Rs 15 Cr. 83 People were arrested from Noida.
– February 2015: FIR at Lakhimpur Khiri – 3 Lakh data leaked involving ICICI Prudential, Bharti Axa, Reliance Life Insurance (RLI), Aegon life, Exide Life, Birla Sun life, FG seized. 40 people arrested who called over 1.19 lakh people and duped 2,500 of Rs 12 cr.
– July 2016: FIR at Cyber crime, Lucknow – 3 lakh data found from HDFC ERGO, FG, Bharti Axa, ICICI Lombard, Reliance General. 73 people were arrested who minted Rs 20 crore by cheating 1,200 people.
– September 2016: FIR at Cyber Crime, Lucknow – 8 lakh data found from Bharti Axa, ICICI Prudential, RLI, Birla Sun Life, Exide life. Six members of gang member were arrested who made Rs 15 cr by cheating 1,000 people.
– April 2017: FIR at Fathepur – 20,000 data of Bharti Axa, ICICI Prudential, RLI, Birla Sun Life, Exide Life was found. Four people were arrested involved in Rs 10 cr scam.
– August 2017: FIR at Fatehpur – 1 lakh data of Bharti Axa, ICICI Prudential, RLI, Birla Sun Life, Exide life was found. 43 people arrested for Rs 12 cr scam.
– August 2017: FIR at Fatehpur: 1 lakh data from Bharti Axa, ICICI Prudential, RLI, Birla Sun Life, Exide Life recovered. 17 member of the gang were arrested from Noida in Rs 8 cr fraud.
– September 2017: FIR at Geroge Town, Prayagraj – 1 lakh data of Bharti Axa, ICICI prudential, RLI, Birla Sun Life, Exide Life, recovered. Two people were arrested from Noida in Rs 5 cr scam.
– November 2017: FIR at Fathepur: 1 lakh data of Bharti Axa, ICICI Prudential, RLI, Birla Sun Life, Exide Life found. One man was arrested from Noida who cheated innocent people of Rs 10 cr.
– November 2017: FIR at Sector 58, Noida – 1 lakh data of Future Generali, Bharti Axa, Bajaj Allianz General Insurance, Tata AIG General Insurance Company, HDFC ERGO was recovered from the criminals. In Rs 10 crore scam four conmen were arrested.
– March 2018: FIR at Cyber Crime, Noida – 2 lakh data of RLI, FG, Exide Life, Birla Sun Life, HDFC Life, PNB Met Life, Max Life Insurance, Bajaj Allianz, HDFC ERGO was found. Police arrested 105 people who had made over Rs 200 cr.
– December 2018: FIR at Lanka, Varanasi – 30,000 data of ICICI Prudential, Exide Life, Bharti Axa was seized. 36 conmen involved in Rs 10 cr fraud were arrested from Noida.
– March 2019: FIR at Cyber crime, Noida – 14 lakh data of Bharti axa, RLI, Birla Sun Life, HDFC life and other online e-commerce giants was found. Mastermind of the gang was arrested who committed Rs 200 cr fraud.
– July 2019: FIR at Cyber Crime, Noida – 5 lakh data of Bharti Axa, Reliance Life, Birla Sun Life, HDFC life and other e-commerce portal was found. Hacker arrested, gang involved in Rs 200 cr scam.
– August 2019: FIR at Unnao – 1 lakh data of Bharti Axa, RLI, Birla Sun Life, Exide Life was seized. 200 people were cheated of Rs 5 crore. Police had arrested two gang members involved in the scam.
– November 2019: FIR at Muradabad – 10,000 data of Bajaj Allianz Life, Birla Sun Life, ICICI Prudential, Exide Life, Bharti Axa was found with the criminals. Six people were arrested in Rs 7 cr scam.
– August 2020: FIR at Ghazipur, Lucknow – 20,000 data of PNB MetLife Insurance, ICICI Prudential, RLI, Birla Sun Life was seized. Six people arrested who minted Rs 15 cr by cheating people.
– December 2020: FIR at Cyber Crime, Lucknow – 8 lakh data leaked involving Bharti Axa, ICICI Prudential, RLI, Birla Sun Life, Exide Life. Mastermind was arrested who made Rs 1 cr.
– February 2021: FIR at Ghazipur, Lucknow – 2,000 data of PNB MetLife, ICICI Prudential, RLI, Birla Sun Life was found. One man was arrested for cheating people of Rs 1 cr.
The FIR data above is for reference purpose only. This is to gauge the magnitude of insurance frauds happening in India. If insurance data breache-related FIRs were to be collected from the entire country, it would run into hundreds of pages with accounts of victims who have lost crores of rupees because of this criminal nexus between Insurers, IRDA, Insurance Brokers, Agents and Cyber Criminals.
Follow The420.in on
Telegram | Facebook | Twitter | LinkedIn | Instagram | YouTube