Health insurer Bupa fined £175k after staffer tried to sell customer data on dark web souk


International health insurance business Bupa has been fined £175,000 after a staffer tried to sell more than half a million customers’ personal information on the dark web.

The miscreant was able to access Bupa’s CRM system SWAN, which holds records on 1.5 million people, generate and send bulk data reports on 547,000 Bupa Global customers to his personal email account.

The information – which included names, dates of birth, email addresses, nationalities and administrative info on the policy, but not medical details – was then found for sale on AlphaBay Market before it was shut down last year.

Read more…
Source: The Register