Data breach: hacker claims senior Star Health executive sold data of 31 million customers

israel: Israel's judicial proposals prompt startups to relocate: government agency


Star Health Insurance, one of the largest health insurers in the country, recently suffered a massive data breach after a senior executive at the company allegedly sold the personal data of over 31 million customers to hackers, according to claims made on a hacker website.

The website, created by a hacker identified as xenZen, claimed that Amarjeet Khanuja, the chief information security officer of Star Health Insurance, sold the data and later attempted to renegotiate the deal, demanding more money for backdoor access on behalf of senior management.

“Star Health management CISO (Chief information security officer) Amarjeet (as mc6) sold all this data to me and then attempted to change deal terms saying senior management of company needs more money for backdoor access,” the website showed.

The hacker is now offering to sell the entire dataset for $150,000 or in smaller batches of 100,000 entries each for $10,000.

In response to an email query from ET, Star Health Insurance stated, “We acknowledge that we were the victim of a targeted malicious cyberattack, resulting in unauthorised and illegal access to certain data. We make it absolutely clear that our operations remain unaffected, and all services continue without disruption.”


“We also want to categorically mention that our CISO has been duly co-operating in the investigation and we have not arrived at any finding of wrongdoing by him till date. We request that his privacy be respected as we know that the threat actor is trying to create panic. We also want to emphasise that any unauthorised acquisition, possession, or dissemination of customer data is illegal,” it added.

Discover the stories of your interest


Last month, Star Health Insurance had filed a lawsuit against Telegram and a self-styled hacker after news website Reuters reported that the hacker was using chatbots on the messaging app to leak personal data and medical reports of policyholders.The breach exposed over 7.24 terabytes of sensitive customer information through Telegram bots. ET was able to access the sensitive data of multiple individuals through these bots, which included full names, Pan and mobile numbers, email addresses, dates of birth, residential addresses, pre-existing medical conditions, policy numbers, nominee details, as well as the height and weight of insured individuals.

Additionally, data on over five million insurance claims, including Aadhaar card and Pan card photos, detailed medical reports, and insurance claim information, is now circulating on the Telegram app, and accessible to the public.

This sensitive data can be used for identity theft, financial fraud, targeted scams, hacking other accounts, phishing attempts, account takeovers, and extortion.

This breach comes amid growing global scrutiny of Telegram and the arrest of its founder Pavel Durov in France last month, with concerns that the app’s features are being abused for illegal activities.



Source link

Online Company Registration in India

Leave a Reply

Your email address will not be published. Required fields are marked *