Policybazaar stated in a stock exchange filing that “illegal and unauthorised access” had been made to its IT systems

On Sunday, Indian online insurance Policybazaar disclosed that it had experienced an unidentified security breach, but that it had discovered that “no substantial” customer data had been exposed, or that some had been.

The insurance broker Policybazaar stated in a stock exchange filing that “illegal and unauthorised access” had been made to its IT systems and that it is working with the authorities to take appropriate action.

On its website, the company states that it has over 9 million clients.

The holding company of Policybazaar, PB Fintech, claimed its examination revealed “some vulnerabilities” in the IT systems and that it had addressed them. PB Fintech went public last year, and its shares are currently trading for less than half of what they did at the time.

It did not specify what client data had been exposed in its entirety if an attacker had breached security, or how frequently the vulnerabilities had been used. A request for comment was not immediately met with a response.

“The discovered vulnerabilities have been patched, and a comprehensive assessment of the systems has begun. The information security team and outside consultants are presently reviewing the situation, according to the company’s filing, which you can read below.