Belgian insurers have leaked the personal data of tens of thousands of customers. They include Belfius, DVV, CDA Insurance, P&V Insurance and Schyns Assurances & Finances.
Het Laatste Nieuws reports. The data was captured from Penbox.io, a company that processes or has processed customer data for hundreds of insurers. It is believed that the files were accidentally put online due to human error, the Belgian newspaper further reports.
“We have not been compromised ourselves, but we worked with an agency for a marketing campaign. Meanwhile, we no longer do that, but they left something open somewhere. This could have added to the general marketing letters we sent to our customers,” insurer CDA states. “We will obviously recover the cost of writing to all our customers from them,” adds director Stefaan Dubois. He notes that CDA no longer worked with Penbox and he is surprised that the data was still on the company's systems.
“This is a limited dataset from 2023,” insurer P&V said. “Critical data such as login or contract data were not in that dataset, but personal data such as names and addresses of a limited number of customers were. We obviously take this very seriously. We are currently analyzing the implications to take the necessary further steps.” HLN asked Penbox for comment. The company said it does not own the data, only the processor, and claims it is not allowed to communicate about it as a result.
Translated from Dutch with DeepL.com (free version)
