Internet Data Breach Involves Star Health Medical Records of Over 31 Million Customers

Overview of the Data Breach

In what could be one of the biggest internet data breaches in Indian history, personal data of millions of customers of listed general insurance major Star Health & Allied Insurance is allegedly up for sale on the messaging app Telegram. An unidentified hacker stole private data, including medical records of over 31 million customers of Star Health and made it publicly accessible on Telegram by creating chatbots on the platform, Reuters reported.

Medical Records Available for Download

Data of Star Health customers such as policy and claim documents, including names, contact info, addresses, tax details, copies of ID cards, test results, and medical diagnosis is reportedly available for download on the Telegram app. While Telegram took down these chatbots after the issue was first reported, new chatbots have since emerged, selling private details of Star Health customers.

Responsibilities of the Hacker

A hacker, who goes by the moniker xenZen, has purportedly claimed responsibility for creating the Telegram chatbots used for distributing Star Health data on an unknown online hacking forum.

Star Health’s Response

Star Health & Allied Insurance has reportedly lodged a complaint with the cybercrime department of its home state Tamil Nadu and the federal cybersecurity agency CERT-In. The company stated preliminary findings did not show widespread compromise and sensitive customer data remains secure.

Broader Implications

This incident occurs amidst increasing scrutiny surrounding Telegram's role in facilitating illicit activities. The platform faces possible regulatory actions, with ongoing investigations by the Indian Cyber Crime Coordination Centre (I4C) and the Ministry of Electronics and Information Technology (MeitY) regarding allegations of gambling and extortion.