Star Health got $68000 ransom call in connection with leak of customer data

Star, which has a roughly $4 billion market cap, is battling a reputational and business crisis since Reuters reported on September 20 that a hacker had used Telegram chatbots and a website to leak customers’ sensitive data, including tax details and medical claim papers

Reuters New Delhi Published 13.10.24, 06:42 AM

Data leak fallout File image

Star Health, India’s biggest health insurer, on Saturday said it had received a ransom demand of $68,000 from a cyberhacker in connection with a leak of customer data and medical records.

The purported creator of the chatbots told a security researcher that private details of millions of people were for sale and that samples could be viewed by asking the chatbots to divulge.

The company, whose shares have declined 11 per cent, has launched internal investigations and has taken legal action against Telegram and the hacker, whose website continues to share samples of Star customers’ data.

The lawsuit came amid growing scrutiny of Telegram globally and the arrest of its founder Pavel Durov in France in September, with the app’s content moderation and features allegedly abused for illegal activities.

Star, which has previously said it is a “victim of a targeted malicious cyberattack”, on Saturday revealed for the first time that in August “the threat actor demanded a ransom of $68,000 in an email” addressed to the company’s managing director and its chief executive.

The statement came after Indian stocks exchanges sought clarifications from Star on a Friday over a Reuters report that the company was investigating allegations that its chief security officer was involved in the data leak.

Star reiterated on Saturday it has found no wrongdoing by the official, Amarjeet Khanuja, though the internal investigation is ongoing.

Telegram has declined to share the account details or permanently ban accounts linked to the hacker — an individual dubbed xenZen — “despite multiple notices issued in this regard”, Star said on Saturday.

Star said it has “sought the assistance” of Indian cyber security authorities to “help us identify” the hacker.

Telegram did not respond to a request for comment.

The Dubai-based messenger app has previously said it removed the chatbots when Reuters flagged them to the platform.

Star Health got $68000 ransom call in connection with leak of customer data

Star, which has a roughly $4 billion market cap, is battling a reputational and business crisis since Reuters reported on September 20 that a hacker had used Telegram chatbots and a website to leak customers’ sensitive data, including tax details and medical claim papers

RELATED TOPICS

NCP leader and ex-Maharashtra minister Baba Siddiqui shot dead in Mumbai, two held

Doctors’ body announces 48-hour cease-work across India in support of Bengal medics

IITs disregard fee waiver to Scheduled Caste and Scheduled Tribe students

Baba Siddique's murder shows Maharashtra's crumbling law and order situation

China's 'New Great Wall' nettles Nepal: Border breaches threaten land and way of life

Centre tightens Jammu and Kashmir cop control ahead of swearing-in of new government

For Japan's atom bomb survivors, Nobel & reckoning: Plea to abolish nuclear weapons

Chronic stress disrupts gut bacteria, promotes progression of colorectal cancer: Study

Dussehra celebrations sweep across India from Delhi to Amritsar to Patna

Former Delhi University professor GN Saibaba passes away

Jigra: Alia Bhatt transforms into ‘angry young woman’ in Vasan Bala’s jail break thriller

Congress analysing Haryana assembly poll loss, booth wise report sought