Star Health, a leading insurance provider in India, has fallen victim to a massive cyberattack that compromised the personal data of 31 million individuals. UK-based security researcher Jason Parker revealed that the breach exposed sensitive information, including medical reports, policy details, claim histories, and medical diagnoses.
Alongside these, personal details like names, addresses, phone numbers, tax information, and ID copies were also leaked. The total volume of data compromised is estimated to be around 7.24 terabytes, marking one of the most significant data breaches in India’s healthcare sector.
The stolen data has been made available through Telegram chatbots created by a user named “xenZen.” These bots allow individuals to request or download samples of the stolen information for free, while the entire dataset is allegedly for sale.
Star Health Cyberattack Exposes Data of 31 Million, Sensitive Information Leaked on Telegram
Despite Telegram taking down many of these bots after user reports, new ones keep surfacing, with two still actively offering access to Star Health data. One of the bots allows users to download up to 20 samples, while the other provides simplified samples in PDF format, demonstrating the persistence of these malicious activities.
This breach became public when the creator of the chatbot contacted a security researcher, who then alerted Reuters. To verify the claim, Reuters posed as a potential buyer and downloaded about 1,500 files of compromised data.
Victims of the breach confirmed the authenticity of the leaked data, including Pankaj Subhash Malhotra, a policyholder whose medical tests, tax accounts, and other personal documents were exposed. The hacker “xenZen” also confirmed to Reuters that they were in negotiations with potential buyers, though their identities and intentions remain unclear.
Star Health initially downplayed the severity of the breach, claiming that sensitive information had not been compromised and that the breach was limited. However, the evidence contradicts these claims, revealing the far-reaching scope of the attack.
The insurance company has since reported the incident to Tamil Nadu’s cybercrime division and the federal cybersecurity agency CERT-In, and has been working with authorities to contain the damage caused by the breach.
In its response, Star Health has assured customers that their data security is a top priority and emphasized that they will not tolerate the unauthorized distribution of personal information.
Despite these assurances, concerns persist as sensitive data remains available for purchase or download through Telegram chatbots, raising questions about the effectiveness of ongoing efforts to protect affected individuals and prevent further exploitation of the stolen data.
