31 mn Star Health customers’ personal data leaked: What you need to know

According to the hacker, as reported by PTI, email communications between them and a senior company official support the claim that the data was sold to them. Screenshots of these emails have been shared publicly, revealing the discussions about the deal and its terms.

How the data leak deal unfolded

According to xenZen, the initial deal with Star Health’s CISO was for $28,000. However, the company official later raised the demand to USD 150,000, justifying the increase by stating that he needed to share the proceeds with senior management to continue leaking the data. The hacker claims that this led to the decision to make the data public.

Why Telegram is a preferred tool for data leaks

Telegram is a platform that enables individuals to share large volumes of data anonymously, making it a popular choice among hackers. It allows users to set up custom chatbots that can automatically respond to data requests. In this case, two Telegram bots are distributing Star Health’s data—one providing claim documents in PDF format, and the other offering detailed information from the customer database.

“Telegram has become a go-to platform for criminals because it provides an easy way to operate,” said NordVPN cybersecurity expert Adrianus Warmenhoven. “Its user-friendly interface has made it a natural choice for handling stolen data.”

Star Health Insurance’s response

Star Health Insurance has responded to these claims by stating that they have launched a comprehensive forensic investigation with the help of independent cybersecurity experts. The company says it is working closely with government and regulatory authorities to thoroughly investigate the incident.

“We also timely approached the Madras High Court which in the attached order has directed all, including certain third parties, to disable access to the relevant information. We are diligently pursuing the implementation of this order,” the company said in a statement.

Star Health emphasised that their CISO has been cooperating fully with the ongoing investigation, and so far, no evidence of wrongdoing has been found. They urged all digital platforms to take action against the illegal distribution of their customer data and comply with the court’s orders.

Legal action and court directives

The Madras High Court has acknowledged the severity of the breach and the need to prevent further leaks of sensitive data. The court referred the matter for further hearing on October 25 and issued orders to block access to the leaked information.

Meanwhile, the hacker has created Telegram bots that reportedly offer access to data of over 31.2 million customers, with details updated till July 2024, and insurance claims information available until early August. These bots allow users to request policy numbers, claim documents, and other sensitive data at the click of a button.

The wider trend of data breaches

Star Health’s data breach is part of a broader trend of using Telegram to sell stolen data. A survey by NordVPN at the end of 2022 revealed that India had the highest number of victims, accounting for 12% of the 5 million people whose data was sold through chatbots on the platform.

Consequences of the data breach

Data breaches like this one can have severe implications for individuals, increasing their risk of identity theft and online scams. Cybercriminals can exploit sensitive information to create fraudulent accounts or make unauthorised transactions, according to cybersecurity firm Meta Compliance. When personal details fall into the hands of hackers, individuals become vulnerable to a range of cybercrime.

With PTI inputs

First Published: Oct 10 2024 | 12:57 PM IST