Indian Health Insurer Star Health Gets Ransom Demand Just Few Weeks After Data Breach
- A few weeks after a cyberattack, renowned Indian health insurer Star Health gets a ransom demand for $68,000.
- The attack took place in the last week of September and personal information of more than 31 million users was compromised through Telegram chatbots and a website.
- An investigation is already underway. There are also rumors that the company’s CISO, Amarjeet Khanuja, might have been involved in this, but it hasn’t been confirmed yet.
Almost a month after a major data breach, renowned Indian health insurer Star Health has received a ransom demand of $68,000 through an email.
About the Breach
In late September, the company revealed that some threat actors managed to gain illegal access to certain data on its system.
Although its operation and business remained unaffected by this breach, things took a turn for the worse when the data was leaked online through Telegram chatbots and a website. In total, the data of 31 million people was leaked.
Leaked data included full names, addresses, phone numbers, customer IDs, tax details, medical reports, and insurance claims (over 5.8 million insurance claims were leaked).
Initially, when asked whether customer data had been compromised in the breach, the company didn’t say anything. However, it was soon revealed (after the hackers leaked it online) that personally identifiable data was indeed compromised.
What Is the Company Doing Now?
Telegram has neither made a comment nor revealed any details about the hosts of the aforementioned Telegram chatbots.
Star Link also assured that they’re taking the breach seriously. A report has been submitted to the insurance and cybersecurity regulatory authorities, and a thorough forensic investigation is already underway. Independent cybersecurity experts along with government bodies are involved in this investigation.
We don’t know which hacker group is involved in this – only the Telegram user named xenZen was recognized. However, there’s major controversy surrounding it.
Some rumors suggest that the company’s CISO, Amarjeet Khanuja, was also involved. There was also a video shared by one of the chatbots that showed a leaked conversation between Khanuja and the hackers. However, his involvement hasn’t yet been verified.
The company has addressed this accusation and said that Khanuja is cooperating with the investigation. So, everyone is requested to respect their privacy and stay calm because there’s a good chance that the hackers are simply trying to create panic by spreading false information.
Star Link, which has a market cap of nearly $4 billion and is connected to roughly 14,000 hospitals, is feeling the pressure of this breach, seeing as the company’s share prices have already dipped by 11%.