Concur News is the official news page of Concur – a platform that helps manage consent and personal data with ease.

IRDAI Slaps ₹3.4 Crore Penalty on Star Health Over Major Data Breach

By Purvi Agrawal on

IRDAI Fines Star Health ₹3.39 Crore for Cybersecurity Failures

HYDERABADThe Insurance Regulatory and Development Authority of India (IRDAI) has imposed a fine of ₹3.39 crore on Star Health and Allied Insurance Company for failing to follow important cybersecurity rules. This action highlights serious concerns about how the company has been handling the protection of its customers’ data.

Why the Fine Was Imposed?

IRDAI’s decision comes after it found that Star Health did not fully follow the Information & Cyber Security Guidelines, 2023. The guidelines help protect sensitive customer data from hacking, leaks, or other misuse. The regulator found that Star Health had not taken enough steps to secure its digital systems.

Was There a Data Leak?

Although IRDAI’s statement focuses on general cybersecurity failures, many experts link the fine to a huge data breach that happened in August 2024. Reports say the breach exposed data of nearly 3.1 crore policyholders. The leaked information may have included personal and medical details of customers, making it one of the biggest privacy incidents in India’s insurance industry.

What This Means for the Insurance Industry?

The action taken by IRDAI sends a strong message to all insurance companies in India. It shows that the regulator will not ignore weak digital security. The regulator now expects insurance firms to:

  • Upgrade their cybersecurity systems
  • Train staff in data protection
  • Follow stricter compliance rules

This could lead to major improvements in how the industry handles customer information.

What’s Next for Star Health?

Star Health now faces the challenge of fixing its security gaps and winning back trust from its customers. The company will have to prove to the IRDAI and the public that it can protect user data properly. If it doesn’t, it may face even tougher penalties in the future.

While the financial penalty is serious, the real impact could be damage to the company’s reputation—a loss that might take a long time to recover from.

Also read: https://news.concur.live/parliament-panel-questions-meity-on-delays-in-implementing-dpdp-act/

AI PrivacyData breachData privacyDPDPA
Related Posts

Security Breach Compromises Personal Data of Organ Donors

Purvi Agrawal

Parliament Panel Questions MeitY on Delays in Implementing DPDP Act

Purvi Agrawal

Govt Adopts Zoho-Backed Email After Major Data Breach to Prevent Future Hacks

Purvi Agrawal