Personal data breach rampant across banks, finance cos

Is there a widespread misuse of your personal data shared with financial institutions in India? The results of a national-level online survey suggest that six out of ten respondents experienced personal data breach by their loan service providers in India. Every four in 10 respondents felt their insurance providers or banks did the same.

The doubts about the breach of data originate from the alternate offers people start getting from competitors for their existing loans, insurance policies and banking services soon after they avail such services from one financial institution. The survey found that 59% of the respondents with an existing loan have received detailed alternate offers to switch to another lending institution either via email, phone call, SMS, WhatsApp, etc within the last five years. The survey, conducted by the social media platform LocalCircles, covered 41,000 persons from 319 districts of the country.

To the first question of whether the respondents had in the last 5 years received a detailed alternate offer related to an existing loan, 33% of the respondents stated they received multiple calls during this period. Another 26% stated it happened once or twice leading to the doubt of a massive data breach as it proved the sender had access to an individual’s personal loan data to send unsolicited loan offers.

The second question in the survey was about the experience of people with their insurance policies and especially if they received alternate offers on their insurance policies. While 30% of the respondents said they had been approached several times, 10% said it happened once or twice. LocalCircles said this meant that someone had access to not just the PAN and Aadhaar details of the policyholder, but also how much insurance they carry, their premium and when their policy expires.

Similarly, 34% of existing bank account(s) holders said they have been approached by others offering similar or better terms and conditions for opening a similar account at another bank at least once in the last five years.

Asked about the possible reasons for this data breach, 53% of the respondents said they believed service providers of these entities sell and/or share personal data. While some said the entities themselves sell or share the data, others blamed the employees of these companies. There are also 33% of respondents who feel “systems of these entities are not secure and thus subject to cyber thefts” while 5% believe data breach can happen through other means, and 8% of respondents are not sure why personal data breach happens.