Star Health begins investigation after hackers leak 7TB customer data
Star Health and Allied Insurance, one of India's leading health insurance providers, is currently investigating a cybersecurity breach. The incident involves the alleged exposure of sensitive customer data, including medical records. According to TechCrunch, the company has initiated a "forensic investigation" following the online disclosure of this purportedly stolen data. A hacker group is believed to be behind this security breach, using Telegram chatbots to disseminate the personal information of Star Health's policyholders.
Policyholder data includes medical reports, insurance claims, and more
The leaked information included full names, phone numbers, home addresses, medical reports, and insurance claims of policyholders. Copies of ID cards and tax details were also among the leaked data. The breach was first reported by Reuters after discovering the Telegram chatbots leaking alleged Star Health customer data.
Star Health's legal action against Telegram
In response to the data breach, Star Health has taken legal action against Telegram for hosting the chatbots used in the leak. The company also named Cloudflare in its lawsuit for hosting the hacker group's website on its service. As a result of this legal action, interim injunctions have been issued to both Telegram and Cloudflare by the court, preventing them from allowing their platforms to be used by the hacker group to share Star Health's branding in any form.
Hacker group's website blocked by some internet providers
Following the court's interim injunctions, the hacker group's website was found to be inaccessible from certain internet providers in India. However, it remained accessible from others at press time. When blocked, the site redirected to a web address hosted on a Cloudflare domain. In response to TechCrunch's inquiry about these internet blocks, India's CERT-In stated that it is "already in process of taking appropriate action with the concerned authority."
