India's Star Health has confirmed a data breach after cybercriminals leaked customers' health information online.

One of India's largest health insurance companies, Star Health and Allied Insurance, has confirmed that it was targeted by a "malicious cyberattack"
India's Star Health has confirmed a data breach after cybercriminals leaked customers' health information online.

One of India's largest health insurance companies, Star Health and Allied Insurance, has confirmed that it was targeted by a "malicious cyberattack" two weeks after hackers claimed to have published customers' health records and other sensitive data online.

A cyberattack was a prime concern that had faced the insurance giant headquartered in Chennai during the period under contention. According to the firm, on Wednesday, it said unauthorised and illegal access had been gained to some data. It said its operations remained unaffected and services continued.

"A thorough and painstaking forensic investigation by independent cybersecurity experts is currently underway, and we are working closely with government and regulatory authorities at every step of this investigation, including by duly reporting the incident to the insurance and cybersecurity regulatory authorities apart from filing a criminal complaint," the company said in its statement.

But Star Health would not say to TechCrunch whether the data breach includes customers' data.

In April, a hacking group developed chatbots on Telegram that released the personal data allegedly of 31 million Star Health policyholders and over 5.8 million insurance claims. Leaked data included the full names, phone numbers, and home addresses of individuals along with their medical reports and insurance claims. Other than this, hackers even posted photos of ID cards and tax information of customers.

At the time, Star Health said TechCrunch was "investigating" the alleged theft.
 
Less than a week after hackers' Telegram bots gained public notice, Star Health filed a legal complaint in the Madras High Court against Telegram for hosting the chatbots. In the lawsuit, it also named Cloudflare for hosting hacker group websites on its service.

India's CERT-In told TechCrunch earlier that it was "already in process of taking appropriate action with the concerned authority."
The breach is still unknown as the background about how the hackers got access to potentially millions of customers' data is still unclear.

The hackers' website that publicity was given through to share the allegedly stolen person data by the Telegram bots includes a video that allegedly holds screenshots and conversations between Star Health CISO Amarjeet Khanuja and the hacker group. TechCrunch is not linking to the site as it contains personally identifiable information.

The company's role of its CISO in the cyberattack, if any, is yet unknown.

The insurer said on Wednesday: "We also want to categorically mention that our CISO has been duly co-operating in the investigation, and we have not arrived at any finding of wrongdoing by him till date. We request that his privacy be respected as we know that the threat actor is trying to create panic.

Specific questions were also posed by TechCrunch, one asking whether the insurance company was able to determine who accessed the data, whether that person is an insider or some kind of malevolent hacker, and whether it knows and can confirm what has been accessed or taken already. The insurance company would not say.

Star Health, which provides health, personal accident, and overseas and travel insurance, boasts a network of over 14,000 hospitals and more than 850 branch offices across India. Its website claims it has covered 170 million people under its health insurance policies.

Blog
|
2024-10-10 18:42:06