BOOM

Trending Searches

    SUPPORT
    BOOM

    Trending News

      • Fact Check 
        • Fast Check
        • Politics
        • Business
        • Entertainment
        • Social
        • Sports
        • World
      • Law
      • Explainers
      • News 
        • All News
      • Decode 
        • Impact
        • Scamcheck
        • Life
        • Voices
      • Media Buddhi 
        • Digital Buddhi
        • Senior Citizens
        • Videos
      • Web Stories
      • BOOM Research
      • BOOM Labs
      • Deepfake Tracker
      • Videos 
        • Facts Neeti
      • Home-icon
        Home
      • About Us-icon
        About Us
      • Authors-icon
        Authors
      • Team-icon
        Team
      • Careers-icon
        Careers
      • Internship-icon
        Internship
      • Contact Us-icon
        Contact Us
      • Methodology-icon
        Methodology
      • Correction Policy-icon
        Correction Policy
      • Non-Partnership Policy-icon
        Non-Partnership Policy
      • Cookie Policy-icon
        Cookie Policy
      • Grievance Redressal-icon
        Grievance Redressal
      • Republishing Guidelines-icon
        Republishing Guidelines
      • Fact Check-icon
        Fact Check
        Fast Check
        Politics
        Business
        Entertainment
        Social
        Sports
        World
      • Law-icon
        Law
      • Explainers-icon
        Explainers
      • News-icon
        News
        All News
      • Decode-icon
        Decode
        Impact
        Scamcheck
        Life
        Voices
      • Media Buddhi-icon
        Media Buddhi
        Digital Buddhi
        Senior Citizens
        Videos
      • Web Stories-icon
        Web Stories
      • BOOM Research-icon
        BOOM Research
      • BOOM Labs-icon
        BOOM Labs
      • Deepfake Tracker-icon
        Deepfake Tracker
      • Videos-icon
        Videos
        Facts Neeti
      Trending Tags
      TRENDING
      • #Operation Sindoor
      • #Pahalgam Terror Attack
      • #Narendra Modi
      • #Rahul Gandhi
      • #Waqf Amendment Bill
      • #Arvind Kejriwal
      • #Deepfake
      • #Artificial Intelligence
      • Home
      • Explainers
      • Explained: Who Exposed Data Of 3...
      Explainers

      Explained: Who Exposed Data Of 3 Crore Star Health Customers?

      A hacker, claiming to have obtained the policyholders' data, alleged insider involvement, which Star Health denied in its official statement.

      By -  Hera Rizwan
      Published -  10 Oct 2024 12:34 PM IST
    • Boomlive
      Listen to this Article
      Explained: Who Exposed Data Of 3 Crore Star Health Customers?

      Star Health Responds to Data Breach, Refutes Insider Allegations

      • Star Health and Allied Insurance Co. Ltd. confirmed it was the victim of a malicious cyberattack, compromising data of over 31 million customers.
      • A hacker named xenZen claims to have obtained the data and alleges that a company official sold it to them. Star Health has denied these claims.
      • The company has filed a lawsuit against Telegram and an unidentified hacker and is actively pursuing legal remedies related to the breach.

      Star Health and Allied Insurance Co. Ltd., on Wednesday, announced that it had been the target of a malicious cyberattack, leading to unauthorised and illegal access to certain data, according to an official statement.

      The company has launched an investigation with the help of independent cybersecurity experts and is collaborating with government and regulatory authorities to address the breach.

      Following the announcement, shares of Star Health & Allied Insurance Company dropped 2.5 percent on Thursday, as it was revealed that the attack had compromised the data of over 31 million customers.

      Also Read:Why Is Telegram And Its Founder Pavel Durov In Trouble?

      Who is behind the leak?

      Approximately two weeks after Star Health filed a lawsuit against Telegram and an unidentified hacker over a data breach, a website surfaced on Wednesday, claiming to offer data on over 31 million of the company's customers for sale at $150,000.

      “I am leaking all Star Health India customers and insurance claims sensitive data. This leak is sponsored by Star Health and Allied Insurance Company, which sold this data to me directly. You can check the authenticity of the data in the Telegram bots below and read about how they sold it in the section below,” the hacker reportedly mentioned on the website.

      The website, set up by a hacker going by the name xenZen, claims to possess data on exactly 31,216,953 customers. It remains unclear if this hacker is the same individual named in the lawsuit. On the website, xenZen alleges that Star Health's Chief Information Security Officer, Amarjeet Khanuja, sold the data but later attempted to alter the terms of their agreement. The hacker also claims to have a screen-recorded video showing chats and emails with the Star Health official.

      Also Read:Not A First: IRCTC Insurance Portal Bug Exposed Passenger Details

      What has been leaked?

      In September, a report by Reuters uncovered that a hacker was exploiting chatbots on an app to leak personal data and medical records of Star Health policyholders.

      The breach exposed sensitive information from more than five million insurance claims, including Aadhaar and PAN card images, medical reports, and insurance claim details, all of which have become publicly accessible on Telegram.

      Reuters, while testing these chatbots, was able to download policy and claim documents containing names, phone numbers, addresses, tax details, ID card copies, test results, and medical diagnoses.

      In their testing, the news agency retrieved over 1,500 files, amounting to 7.24 terabytes of data, with some documents dating as recently as July 2024.

      In addition to the $150,000 offer for selling the entire dataset, the hacker also offered smaller bundles of 100,000 records for $10,000 each, with the option to negotiate 'custom packages'.

      To establish credibility, the hacker posted over 500 'random data samples' on a website, including several samples containing information on Indian government officials. These samples include email addresses, residential addresses, policy details, and mobile numbers, among other data.

      Also Read:Government Plugs Cloud Security Leak That Exposed Data For Over 2 Years

      How has Star Health responded?

      Star Health and Allied Insurance Co. Ltd., in its statement, confirmed that it fell victim to a "targeted malicious cyberattack, resulting in unauthorized and illegal access to certain data".

      The company reported that, following its investigation into the cyber attack that led to a data breach, it has found no evidence of misconduct by its Chief Information Security Officer.

      "A thorough and rigorous forensic investigation, led by independent cybersecurity experts, is underway, and we are working closely with government and regulatory authorities at every stage of this investigation," the statement read.

      It also confirmed that its operations remain unaffected by the breach, which was disclosed earlier in September, assuring that all services will continue without disruption.

      The company urged all platforms, hosting providers, social media channels, and users to take "swift and decisive action to halt such activities" and comply with the High Court's orders. The firm promptly approached the Madras High Court, which instructed all third parties to disable access to the compromised information. The health insurance company stated that it is actively pursuing the matter.

      Star Health, a provider of health, personal accident, and overseas travel insurance, operates through a network of more than 14,000 hospitals and over 850 branch offices across India. According to its website, the company has extended health insurance coverage to 170 million individuals.

      Also Read:"Mischievous": Centre Refutes Reports Of Co-WIN Data Leak


      Tags

      Data LeakCybercrimecybersecurity
      Read Full Article
      Next Story
      Our website is made possible by displaying online advertisements to our visitors.
      Please consider supporting us by disabling your ad blocker. Please reload after ad blocker is disabled.
      X

      Subscribe to BOOM Newsletters

      👉 No spam, no paywall — but verified insights.

      Please enter a Email Address
      Subscribe for free!

      Stay Ahead of Misinformation!

      Please enter a Email Address
      Subscribe Now🛡️ 100% Privacy Protected | No Spam, Just Facts
      By subscribing, you agree with the Terms & conditions and Privacy Policy connected to the offer

      Thank you for subscribing!

      You’re now part of the BOOM community.

      Or, Subscribe to receive latest news via email
      Subscribed Successfully...
      Copy HTMLHTML is copied!
      There's no data to copy!