Claims emerge that former Bupa employee was trying to sell one million records on the black market

patient data
A Bupa employee has reportedly copied and removed information affecting more than 100,000 medical insurance plans has revealed the former Bupa employee was looking to sell up to one million records on the dark web

[London, UK] The Bupa employee that was revealed to have stolen information on medical insurance plans, affecting more than 500,000 customers worldwide, was trying to sell up to one million records on the black market. reportedly became aware of the breach last month, when a user called ‘MoZeal’ posted a listing on the dark web, claiming he was looking to sell an ‘extensive database’ that included information on birth dates, phone numbers, email addresses and others.

His listing reportedly revealed that nearly 130,000 UK insurance plans were affected. According to, responding to a potential buyer, MoZeal said the database included information from over 122 countries.

‘Not a cyber attack’

Bupa Global’s Managing Director, Sheldon Kenton, notified customers last week of the data breach, saying:

“Protecting the information we hold about you is our absolute priority, and I am sorry that this has happened. We are treating this seriously and taking steps to address this situation.

“This was not a cyber attack or external data security breach, but a deliberate act by the employee. We have introduced additional internal security measures and increased our customer identity checks.

“A thorough investigation is underway and we are taking appropriate legal action.”

The employee has since been dismissed and the Information Commissioner’s Office is also reportedly making enquiries. 

A Bupa spokesperson told BJ-HC: "All of the information and statements we have made public this week remain valid. We are aware of a report that suggested on 23rd June 2017 a former employee claimed to have 500,000 to one million records for sale.

"Our thorough investigation established that 108,000 policies, covering 547,000 customers, had been copied and removed."