Australian-based insurance provider Prosura has reported that it is responding to a cyber attack after some of its customers received fraudulent emails relating to their completed or existing policies.
“On Saturday, we identified unauthorised access to parts of our systems. As a precaution, we have temporarily disabled the ability to purchase a policy, submit or manage a claim, or administer an existing policy via our self-service portal while we investigate and secure our environment,” Prosura said in a media statement, detailing the incident.
According to the company, the information that may have been affected includes names, email addresses, phone numbers, country of residence, travel destinations, invoicing and pricing details, as well as policy start and end dates. The breach may also have exposed claim-related data, including driving licences and associated images.
Prosura emphasised that there is no evidence that payment information, including credit card details, has been accessed, noting that the company does not store credit card information.
“We are taking this incident extremely seriously. We will work with specialist cybersecurity experts to investigate what happened, secure our systems, and restore services safely.”
The insurer advised customers to refrain from responding to suspicious emails, not to contact any third-party email addresses mentioned in them, and not to click on links or open attachments in unexpected messages.