In a significant cyberattack, one of India’s largest health insurance companies, Star Health, has fallen victim to a massive data breach. The personal information of over 31 million customers has been exposed, with sensitive medical records now publicly available through chatbots on Telegram.
According to a report by Reuters, the stolen data can be accessed for free via Telegram chatbots. These chatbots were reportedly created by a user named “xenZen” who allows people to download customer documents, including policy details, claims information, and even medical diagnoses. This breach has made personal details such as names, phone numbers, addresses, tax information, copies of ID cards, and medical test results accessible to the public. Some of the leaked documents are as recent as July 2024.
UK-based security researcher Jason Parker posed as a potential buyer in an online hacker forum where xenZen claimed responsibility for the chatbots and boasted about possessing 7.24 terabytes of data. The hacker further warned that if the bot were taken down, a new one would quickly take its place.
Though Telegram has taken down the original chatbots, new ones have appeared, again offering Star Health data. Telegram’s spokesperson, Remi Vaughn, emphasized that sharing private information on the platform is strictly prohibited and that the company is using AI tools, proactive monitoring, and user reports to remove harmful content. Millions of such pieces of content are removed daily.
Star Health’s Response
Star Health has acknowledged the breach but insists that initial investigations indicate there has been “no widespread compromise” and that “sensitive customer data remains secure.” The company has also stated that they are working closely with law enforcement to address the criminal activity. In a statement, Star Health reassured customers that “their privacy is of paramount importance” and that they are actively working to address the issue.
However, the breach has sparked concern as cybercriminals continue to exploit vulnerabilities, making sensitive personal and medical information widely accessible. As Star Health works with authorities to secure its systems, customers are advised to remain vigilant and monitor their accounts for any suspicious activity.
This incident serves as a critical reminder of the growing threat of cybercrime and the importance of strong cybersecurity measures in safeguarding sensitive personal information.
For now, the breach continues to unfold, with Telegram chatbots offering customer data despite the platform’s efforts to take them down.
Key Points:
31 million Star Health customers’ private data exposed.
Data includes names, phone numbers, medical diagnoses, and ID cards.
Leaked information available through Telegram chatbots.
Star Health working with law enforcement to investigate.
Telegram has removed chatbots, but new ones continue to emerge.
Stay updated for more developments on this data breach.
Update
India’s Star Health has sued Telegram after a hacker used chatbots on the messaging app to leak customer data. The company has obtained a temporary injunction from a state court, ordering Telegram to stop the chatbots from leaking the data.
Stay informed with our financial updates, stocks, bonds, commodities. Get global & political insights. Follow us & enable notifications for the latest updates.
