Star Well being prospects’ knowledge is out there on Telegram, a hacker claims. In accordance with an IANS report, the hacker has put the whole 7.24TB knowledge belonging to over 3.1 crore prospects for open sale on an internet site for $150,000 (approx. Rs 57.5 lakh). The insurance coverage firm has confirmed the cyber assaults stating {that a} thorough forensic investigation is underway into the “focused malicious cyberattack“.The hacker claims that the information is sponsored by Star Well being and Allied Insurance coverage Firm, who offered this knowledge to him.
Hackers promoting Star Well being prospects’ knowledge
The hacker claims to offer “elements sale for 100,000 entries every for $10,000”, containing alleged insurance coverage claims knowledge of 57,58,425 Star Well being prospects (until early August 2024), together with 31,216,953 prospects (until July).
The hacker, who goes by the title “xenZen” wrote on the web site that “I’m leaking all Star Well being India prospects and insurance coverage claims delicate knowledge.”
“This leak is sponsored by Star Well being and Allied Insurance coverage Firm, who offered this knowledge to me immediately. You may verify the authenticity of the information within the Telegram bots under and examine how they offered it,” the hacker claimed.
What the hacked knowledge comprises
The leaked knowledge allegedly comprises full names, PAN numbers, cellular numbers, emails, date of delivery, residential addresses, insured date of delivery, insured names, gender, pre-existing ailments, coverage numbers, well being playing cards, nominee names, age, claims, nominee relationship, insured peak, weight, BMI and extra.
What the corporate stated
In an announcement to IANS, Star Well being Insurance coverage confirmed that the corporate has fallen sufferer to a focused malicious cyberattack, leading to unauthorised and unlawful entry to sure knowledge.
Star Well being Insurance coverage stated: “We make it completely clear that our operations stay unaffected, and all providers proceed with out disruption. A radical and rigorous forensic investigation, led by impartial cybersecurity consultants is underway, and we’re working intently with authorities and regulatory authorities at each stage of this investigation, together with by duly reporting the incident to the insurance coverage and cybersecurity regulatory authorities, other than submitting a legal criticism”.
The corporate additional added” “our CISO has been duly co-operating within the investigation and now we have not arrived at any discovering of wrongdoing by him until date. We request that his privateness be revered as we all know that the risk actor is making an attempt to create panic”.
“We additionally wish to emphasise that any unauthorised acquisition, possession, or dissemination of buyer knowledge is illegitimate.”
After the information leak was first reported, insurer Star Well being had filed a lawsuit towards the social media platform Telegram and the hacker.