A massive hack at one of India's largest health insurers, Star Health, has exposed the private details of over 31 million customers. The stolen data, including sensitive medical reports, has been made publicly accessible through chatbots on the messaging app Telegram.
According to a report by news agency Reuters, the data of the insurer’s customers is available for free via chatbots on Telegram – the founder of which was recently arrested for allegedly allowing the platform to be used for criminal activities.
How hackers are making stolen data available on Telegram
According to the report, a user named “xenZen” has created chatbots that allow users to request and download various documents, including policy details, claims information, and even medical diagnoses. Reuters says that it was able to download more than 1,500 files that have names, phone numbers, addresses, tax details, copies of ID cards, test results and medical diagnoses of customers.
It also claims that some documents are dated as recently as July 2024. UK-based security researcher Jason Parker told the news agency that he posed as a potential buyer on an online hacker forum where a user under the alias xenZen said they made the chatbots and possessed 7.24 terabytes of data.
“If this bot gets taken down watch out and another one will be made available in few hours,” a message read.
While Telegram has taken down the initial chatbots after being alerted by Reuters, new ones have reportedly appeared offering Star Health data. The chatbots were marked "SCAM" with a stock warning that users had reported them as suspect.
“The sharing of private information on Telegram is expressly forbidden and is removed whenever it is found. Moderators use a combination of proactive monitoring, AI tools and user reports to remove millions of pieces of harmful content each day,” Telegram spokesperson Remi Vaughn said.
What Star Health has to say
The company has acknowledged the breach and is working with law enforcement to address the issue. It said an initial assessment showed “no widespread compromise” and that “sensitive customer data remains secure”.
“The unauthorised acquisition and dissemination of customer data is illegal, and we are actively working with law enforcement to address this criminal activity. Star Health assures its customers and partners that their privacy is of paramount importance to us,” the insurance company said in a statement.