Company: Cognizant

Date of Breach: June 2024

Exposed Records: 40,000 users and a 12 million-lined document

Threat Actor: IntelBroker (BreachForums Operative)


Breach Details

In June 2024, Cognizant, a global professional services company, experienced a significant data breach. The breach exposed a substantial amount of sensitive information from their Insurance Model Office for OIPA (Oracle Insurance Policy Administration) database.

What Happened?

The breach was publicized by IntelBroker, a known operative on BreachForums. The leaked data includes highly sensitive information such as:

  • Policy Number
  • Role Code
  • Client Name
  • Company Code
  • State Code
  • Role Sequence Number
  • Arrangement Number
  • Arrangement Status
  • Start Date
  • End Date
  • Year
  • Draft Day
  • Modal Amount
  • Next Bill Extract Date
  • Next Premium Due Date
  • Repayment Mode

A sample of the compromised data was posted online, with the full dataset being offered for download on the forum.

Threat Actor Profile

Alias: IntelBroker

Forum: BreachForums

Reputation: High (3803 points)

Activity: Active since June 2023, with over 1,000 posts and 236 threads.

Impact Analysis

The exposed data poses severe risks to both individuals and organizations:

  1. Identity Theft: Personal information such as client names and policy numbers can be exploited for identity theft and fraudulent activities.
  2. Financial Loss: Sensitive financial data, including modal amounts and repayment modes, could lead to financial fraud and unauthorized transactions.
  3. Corporate Espionage: Exposure of company codes and arrangement numbers can result in corporate espionage and targeted attacks against Cognizant's clients.
Share this article
The link has been copied!