From Complete Silence to Central Insurance Denial

Over the past few days, there have been reports of the hacking of millions of users from 19 insurance companies, which Central Insurance has denied. What is the story?

What Do Insurance Companies Say?

According to IDEA, recent reports have emerged regarding the leakage of insurance companies’ information in the virtual space. Some experts believe that this information may not be accurate. Insurance companies have not provided a clear response to this issue. In our communication with some of these companies, we received responses such as ‘We have no information.’ Some companies have denied the issue, while a handful have confirmed it, but they did not have further information. It should be noted that the hacker, in a channel where this information is offered for sale, insists on the accuracy of this data and has also released various samples to substantiate their claim.

What Do IT Experts Say?

On the other hand, contacting some insurance companies has led us to believe that this information has been leaked by the company ‘Fannavaran Ettela’at Khobreh.’ Prominent insurance companies like Pasargad Insurance, Iran Insurance, and Kowsar Insurance, which do not collaborate with this company, do not have their names on the leaked list. This could further suggest that the information may have originated from this company. However, this company denies these claims. Mehdi Emanimehr, the deputy director of this company, stated:

‘Fannavaran Ettela’at Khobreh is a company that approximately 24 insurance companies are currently working with. We provide software solutions in the field of information technology for the insurance industry. In fact, companies have their own data. Since these claims were made, first and foremost, their accuracy and validity should be thoroughly investigated. This matter is not the responsibility of our company, the insurance companies, or the central insurance organization. The Central Insurance Organization, the President’s Information Technology Coordination Center, and the Cyber Police are currently investigating the dimensions of this issue. Valuable information has been obtained, but we should not speculate about it because it disrupts the investigation process.’

Emanimehr emphasizes that insurance companies and Fannavaran Ettela’at Khobreh do not have a legal basis for making definitive statements. He also believes that it should be determined whether a real hack has occurred or not: ‘The main question is who has concluded that a hack has occurred at all? Firstly, it must be proven that this information actually exists. The leakage of data could be due to theft, hacking, or unauthorized access, and all of these aspects are being investigated by the President’s Information Technology Coordination Center and the Cyber Police.’

He emphasizes that institutions like the Information Technology Coordination Center and the Cyber Police are actively pursuing this matter, and we should wait for the results to be obtained by these organizations.

What Does the Central Insurance Organization Say?

As mentioned at the beginning of the article, the Central Insurance Organization has also issued a statement confirming cyberattacks but emphasizing that no hack has occurred: ‘No information from the central insurance systems has been exposed despite serious cyberattacks, and no hacking has taken place.’ The organization has claimed: ‘Based on available statistics, non-operational defense organizations, and the Central Insurance Organization are protecting policyholders’ information with the utmost power and high security.’ As stated by the Central Insurance Organization, this issue has been monitored by cybersecurity experts at the Central Insurance Organization and other relevant authorities for some time and is being pursued with care and sensitivity.

However, the Central Insurance Organization’s statement also mentions that prior warnings were given to insurance companies. It is unclear why the Central Insurance Organization insists on alerting companies when it claims that no hack has occurred. In this section of the statement, it explicitly states: ‘Furthermore, the related companies have also been notified to take more precautions, even on their historical and secondary data, with preventive technical measures. In the past month, security experts have taken measures to improve security, but it is still under surveillance until the full desired standards are established to prevent further confusion and harm to the public.’

It should be noted that Etemad newspaper has reported that some key network security managers associated with the Central Insurance Organization have left the country at the same time as one of the security crises involving hacking and the exposure of insurance policyholders’ information.

Furthermore, it is worth noting that the head of the Central Insurance Organization was suddenly replaced, and the new head, Ali Estad Hashemi, holds a doctorate in financial management from Shahid Beheshti University and is a member of the faculty at Payam Noor University. Estad Hashemi’s appointment has been criticized by some insurance activists due to his limited background, and startup enthusiasts believe that his perspective may not align well with the activities of insurance companies. Some believe that this change in management occurred as a result of the widespread hack, although nothing has been officially announced regarding this matter.

Since the widespread filtering and the emergence of internet disruptions to the present day, both government officials and private companies emphasize that various national entities have been subjected to extensive cyberattacks. Multiple reports indicate that filtering poses a threat to network security and, with the multiplication of bots, has become a significant threat to various national entities and end-users (the public).

Although the Central Insurance Organization explicitly stated in its statement that no hacking had occurred, its delayed response to this rumor continues to be criticized. On the other hand, it has been announced that some government and governing entities are following up on this issue, and it may be too soon for this matter to be definitively denied by these organizations. We must wait and see the results of investigations by units such as the FATA Central and the Cyber Police, and whether more transparent information will be provided regarding the claim of leaked information of millions of Iranian users or not.