Star Health Insurance Data Leak: Data of Over 3 Crore Customers leaked on Telegram

In a major cybersecurity incident, Star Health, one of India’s largest health insurance providers, has fallen victim to a data breach that has compromised the personal details of over 31 million customers. Sensitive information, including medical records, has now been made publicly accessible through Telegram chatbots, putting millions at risk.

What Happened?

As reported by Reuters, the stolen data is freely available via Telegram chatbots, a popular messaging platform. These chatbots, allegedly created by a user known as “xenZen,” enable people to access and download confidential information such as policy details, claims records, medical diagnoses, and more. The chatbots allowed users to search for and retrieve documents, exposing sensitive data like names, addresses, phone numbers, tax records, ID cards, and even test results.

Reuters confirmed the extent of the breach by downloading over 1,500 files that revealed Star Health customers’ personal and medical information. Some of the leaked documents were as recent as July 2024, making it clear that the breach is recent and ongoing.

Star Health said an unidentified person contacted it on Aug. 13 claiming to have access to some of its data. The insurer reported the matter to the cybercrime department of its home state of Tamil Nadu and federal cyber security agency CERT-In.

“The unauthorized acquisition and dissemination of customer data is illegal, and we are actively working with law enforcement to address this criminal activity. Star Health assures its customers and partners that their privacy is of paramount importance to us,” it said in its statement.

In an Aug. 14 stock exchange filing, opens new tab, Star Health, India’s biggest player among standalone health insurance providers, said it was investigating an alleged breach of “a few claims data”.

The Scale of the Breach

UK-based cybersecurity expert Jason Parker, who investigated the breach by posing as a buyer on a hacker forum, uncovered that the chatbot creator “xenZen” had access to a staggering 7.24 terabytes of data. Parker found that the data leak was not only extensive but also well-organized for easy access through the chatbots.

A concerning message from the hacker forum warned that even if the chatbot was taken down, new ones would emerge within hours, indicating a relentless cycle of data exposure.

Telegram’s Response

Telegram initially removed the compromised chatbots after being alerted to the issue by Reuters. However, new bots quickly surfaced, continuing to offer Star Health’s stolen data. These new bots were flagged as “SCAM” by some users, but the damage had already been done.

In response, Telegram spokesperson Remi Vaughn commented, “Sharing private information on Telegram is strictly prohibited and is removed whenever detected. Moderators use proactive monitoring, AI tools, and user reports to eliminate harmful content.” Despite Telegram’s efforts, the sensitive data remained accessible through newly created chatbots.

Star Health’s Reaction

Star Health has acknowledged the breach and is cooperating with law enforcement to investigate the matter. In a public statement, the company reassured customers that an initial assessment revealed “no widespread compromise” and that “sensitive customer data remains secure.”

The company also emphasized that the unauthorized access and sharing of customer data is illegal and assured customers that they are working to resolve the issue. “Star Health assures its customers and partners that their privacy is of utmost importance to us,” the statement said.

What’s Next?

Star Health is taking immediate steps to safeguard customer information and work with authorities to address the breach. However, the incident raises serious concerns about the safety of sensitive data and the growing threat of cyberattacks in the healthcare sector.

For customers, it’s crucial to stay vigilant. If you are a Star Health customer, keep an eye out for any suspicious activity involving your personal information, and consider reaching out to the company for more details about how they are handling the situation.

This breach highlights the importance of data security in an increasingly digital world, especially when it comes to personal and sensitive information like medical records. With hackers finding new ways to exploit vulnerabilities, companies must continuously enhance their security measures to protect their customers.