The breach affected Singapore customers who used AXA’s health portal, data protection officer Eric Lelyon said in an email to affected customers.
Lelyon said that the breach exposed customers’ email addresses, birth dates, and mobile numbers, which were used to transmit one-time passwords when users accessed the health portal, according to a report by ZDNet.com. The one-time passwords were required in order for users to log in to the site.
Lelyon told customers that no other personal data was compromised, and that the breach was “not likely to, on its own expose you to identity theft.” He did urge customers to be on the lookout for phishing scams attempting to extract the rest of their personal information.
“In the unlikely event you feel that you may have inadvertently disclosed personal data as a result of a phishing attempt in the last few months, it is possible this could be connected to this hacking incident, and if so, we urge you to file a police report,” he told customers.
Ironically enough, AXA introduced an online risk insurance service to Singapore in 2014, ZDNet.com reported. And earlier this year, AXA Research Fund pledged a $1.2-million grant to support a research program aimed at developing new strategies to protect data and privacy.
State reveals cyber strategy
Marsh discusses market outlook
The personal data of 5,400 AXA Insurance customers was compromised when the insurer suffered a cybersecurity breach.