Star Health, India’s biggest health insurer, on Saturday said it had received a ransom demand of $68,000 from a cyberhacker in connection with a leak of customer data and medical records.
Star, which has a roughly $4 billion market cap, is battling a reputational and business crisis since Reuters reported on September 20 that a hacker had used Telegram chatbots and a website to leak customers’ sensitive data, including tax details and medical claim papers.
The purported creator of the chatbots told a security researcher that private details of millions of people were for sale and that samples could be viewed by asking the chatbots to divulge.
The company, whose shares have declined 11 per cent, has launched internal investigations and has taken legal action against Telegram and the hacker, whose website continues to share samples of Star customers’ data.
The lawsuit came amid growing scrutiny of Telegram globally and the arrest of its founder Pavel Durov in France in September, with the app’s content moderation and features allegedly abused for illegal activities.
Star, which has previously said it is a “victim of a targeted malicious cyberattack”, on Saturday revealed for the first time that in August “the threat actor demanded a ransom of $68,000 in an email” addressed to the company’s managing director and its chief executive.
The statement came after Indian stocks exchanges sought clarifications from Star on a Friday over a Reuters report that the company was investigating allegations that its chief security officer was involved in the data leak.
Star reiterated on Saturday it has found no wrongdoing by the official, Amarjeet Khanuja, though the internal investigation is ongoing.
Telegram has declined to share the account details or permanently ban accounts linked to the hacker — an individual dubbed xenZen — “despite multiple notices issued in this regard”, Star said on Saturday.
Star said it has “sought the assistance” of Indian cyber security authorities to “help us identify” the hacker.
Telegram did not respond to a request for comment.
The Dubai-based messenger app has previously said it removed the chatbots when Reuters flagged them to the platform.