Chennai-based Star Health and Allied Insurance has confirmed that it was the target of a “malicious cyberattack” in which hackers gained access to sensitive data. The confirmation comes weeks after cybercriminals claimed to have exposed the personal data of millions of its customers online.
In September 2024, cybercriminals leaked over 7.24 terabytes of sensitive Star Health customer data, including 31 million Star Health and Allied Insurance policies, medical records, tax documents, and personal identification information on Telegram.
Although Telegram took down the chatbots that distributed the data, new ones emerged.
In a statement given to TechCrunch on Wednesday, Star Health acknowledged “unauthorised and illegal access to certain data” but assured that its operations remain unaffected and services continue as usual.
The company has also launched a comprehensive forensic investigation led by independent cybersecurity experts. Star Health also stated that it collaborates closely with government agencies and regulatory bodies throughout the investigation. The insurer had already filed a criminal complaint regarding the breach, though it has refrained from disclosing whether customer data was compromised.
However, Star Health has not yet confirmed the scope of the data theft, maintaining that it is still investigating the situation. Shortly after the hackers’ Telegram bots were discovered, the insurer took legal action, filing a complaint with the Madras High Court against Telegram for hosting the bots.
The complaint also names Cloudflare, alleging that the company provided hosting services for the hacker group’s websites.
While details of the breach remain unclear, India’s Computer Emergency Response Team (CERT-In) has reportedly started taking appropriate actions. The hackers have also released a video purporting to show communications between Star Health’s Chief Information Security Officer (CISO), Amarjeet Khanuja, and the hacker group.
However, Star Health strongly denies any wrongdoing by its CISO, urging the public to respect his privacy and stating that he has been fully cooperative in the ongoing investigation.