Australian insurer Aussie Travel Cover has suffered a breach of hundreds of thousands of records, but opted not to inform insurance policy holders or customers.
According to ABC News, Aussie Travel Cover was made aware that its computer system was hacked on December 18th 2014, and let third party agents know about the incident on December 23rd, but did not inform insurance policy holders or customers.
Among the stolen data was a large amount of personal information of travel insurance clients, including names, phone numbers, email addresses, travel dates and how much policies cost. It said in an email to agents “at this stage, there is no reason to advise policyholders” as it engaged consultants to help investigate the breach.
The report claimed that a log of the entire structure of the company’s database shows that the policies part of the system has more than 770,000 records. Another called banking contained more than 100,000 records.
While Aussie Travel Cover said in the email to agents that no credit card records or bank details were kept on the website or database, the ABC has seen records which appear to show the first and last parts of credit card numbers with the rest of the number redacted.
Aussie Travel Cover has told the ABC it was aware of the issue and cooperating with law enforcement, but could not provide any further information.