Prominent insurer Star Health Insurance acknowledged an alarming data breach that compromised the sensitive information of millions of clients.
In addition to sensitive information like PAN, salaries, residential addresses, policy numbers, pre-existing conditions, and other health information, the hacked data also contains personal information like names, dates of birth, mobile numbers, and email addresses.
Who hacked Star Health Insurance?
A user going by the handle xenZen, who claimed responsibility for the attack, alleged that Amarjee Khanuja, the Chief Information Security Officer of Star Health Insurance, sold the data to them directly for $43,000.
Clients’ insurance information is available for sale after the hacker allegedly released 7.24 TB of data containing details about over 31 million clients. The entire set of data was available for $150,000, but it was also offered in partial sets of 1 lakh customer records for $10,000 each.
The incident came to light when Deedy Das, an X user, expressed concern over the data leak by noting, “Nothing is private in India.” Deedy claimed that on July 26, Khanuja communicated with xenZen via the encrypted chat service Tox. They supposedly agreed to exchange the data for $28,000 worth of Monero, a cryptocurrency. After that, the hacker paid and used the login information and API details that Khanuja had supposedly sent via ProtonMail to access the data.
On July 20, Khanuja is said to have sold more data for an additional $15,000. But within a week, Deedy claimed, Khanuja withdrew access and demanded $150,000 for senior management.
The hacker declined, though, and the data was subsequently put up for sale online. A website was created in September to provide Telegram bots with consumer data.
But claims that Star Health was involved in the “targeted malicious attack” have been refuted. The company has brought legal action against both the hacker and Telegram, the platform from which the original data leak occurred.
The health insurer asserted that its cybersecurity team is conducting an investigation while maintaining full operational capability and uninterrupted consumer services. “We are still collaborating with law enforcement to guarantee that consumer information is secure,” the business declared.