A threat actor has allegedly leaked a significant database from Ghana’s insurance sector on a dark web forum. The actor released a 213 MB SQL file named “Ghana Insurance database,” which reportedly contains a vast collection of sensitive records. If validated, this incident could pose a severe threat to the privacy of numerous individuals and challenge the security posture of the country’s insurance industry, as the data is now accessible to malicious actors.
The exact origin of the database remains unconfirmed. However, a data sample shared by the threat actor included a customer record from “Priority Insurance Company Limited,” a known insurance provider in Ghana. The generic title of the database suggests that the breach could be extensive, potentially containing records from more than just a single company. This raises concerns about the security of shared data hubs or third-party service providers within the region’s insurance ecosystem.
The exposed information allegedly includes a wide array of personally identifiable information (PII) that could be exploited for fraud. The leak puts affected policyholders at a heightened risk of sophisticated phishing attacks, identity theft, and other financial scams. According to the sample, the allegedly compromised data fields include:
- Full Names
- Phone Numbers
- Branch and Company Names
- Residential, Postal, and Digital Addresses
- Customer and National ID numbers
- Date of Birth
- Occupation
- Policy and Branch details
