A massive hacking incident has hit one of India's largest health insurers, Star Health, exposing the personal information of over 31 million customers. The stolen data, which includes sensitive medical reports, has reportedly been made available to the public through chatbots on the messaging app Telegram.

COMMERCIAL BREAK
SCROLL TO CONTINUE READING

According to a report by Reuters, the personal data of Star Health's customers is being offered for free via these chatbots. A user with the alias "xenZen" is said to have created these bots, allowing people to request and download various sensitive documents. These documents include policy details, claims information, and even medical diagnoses. Reuters tested the system and managed to download more than 1,500 files containing names, phone numbers, addresses, tax details, copies of ID cards, test results, and medical diagnoses of customers. Some of the documents were as recent as July 2024.

Jason Parker, a security researcher based in the UK, revealed to Reuters that he posed as a potential buyer on an online hacker forum. On the forum, the user "xenZen" claimed responsibility for creating the chatbots and said they had access to 7.24 terabytes of Star Health customer data. A message in the forum warned that if the bot was taken down, another would quickly replace it, indicating the hacker's intent to continue sharing the data.

While Telegram has removed some of the initial chatbots after being alerted to the situation, new ones have reportedly emerged, continuing to offer Star Health's customer data. A Telegram spokesperson, Remi Vaughn, stated that the platform strictly forbids the sharing of private information and removes such content as soon as it is detected. Vaughn mentioned that Telegram moderators use proactive monitoring, AI tools, and user reports to remove millions of harmful posts daily.

Star Health has acknowledged the breach and is working closely with law enforcement agencies to address the issue. The company assured its customers that, despite the hacking incident, their sensitive data remains secure. In a statement, Star Health said, "The unauthorized acquisition and dissemination of customer data is illegal, and we are actively working with law enforcement to address this criminal activity. Star Health assures its customers and partners that their privacy is of paramount importance to us."

The DNA app is now available for download on the Google Play Store. Please download the app and share your feedback with us.