THE personal data of 5,400 past and present policyholders on a health portal of AXA Insurance has been breached following a cyber attack.

In an email sent out on Sept 7 to policyholders, the insurer apologised for the breach, saying that the data exposed were the email address the customer used to correspond, mobile number, policy number of the health plan transacted and date of birth of the individual.

AXA said it has "confirmed that no other personal data was exposed", adding that personal particulars including name, identification number, address, credit card or bank details, health status and claims history have not been compromised.

It said no further action is required of the affected individual "as the information that was compromised is not likely to, on its own, expose you to identity theft".

Together with the notification, AXA also cautioned that the hacker or hackers could attempt to phish additional information from the customers and urged them to be vigilant.

AXA has filed a police report on this and is working with the authorities on the matter.