India’s insurance industry is experiencing a surge in high-impact data breaches, with incidents at Star Health, HDFC Life, and Niva Bupa exposing millions of policyholders’ personal and medical details. These attacks highlight a growing reality: customer data has become as valuable—and as vulnerable—as any insured asset. From proposal forms and medical records to KYC documents and claims data, every touchpoint presents a potential weak link if not backed by strong privacy, consent, and security measures.
This blog explores the recent breaches, uncovers where insurance data ecosystems are most at risk, and outlines how DPDP-driven practices and stronger governance can help insurers rebuild trust in a rapidly digitalising sector.