Hackers Share Stolen Data From India’s Largest Health Insurer via Telegram

Photo by Accuray on Unsplash

Hackers Share Stolen Data From India’s Largest Health Insurer via Telegram

Reading time: 2 min

  • Andrea Miliani

    Written by: Andrea Miliani Tech News Expert

  • Justyn Newman

    Fact-Checked by Justyn Newman Lead Cybersecurity Editor

In a Rush? Here are the Quick Facts!

  • Hackers stole data from Start Health and shared it via Telegram chatbots
  • Reuters got access to more than 1,500 documents and confirmed the authenticity of selected documents
  • Star Health and Allied Insurance claims data is secure

Hackers shared data stolen from Star Health, India’s largest health insurer, through chatbots on Telegram according to a recent exclusive by Reuters.

The data included medical reports and were offered for sale through the platform. Malicious actors also provided samples through the chatbot which would provide information to anyone who asked it to view it.

Even though Star Health and Allied Insurance assured Reuters that sensitive information has not been compromised and that customers’ data remains secure—but did report unauthorized access to authorities in India—, the news agency was able to download documents that included tax details, names, phone numbers, test results, addresses, copies of IDs, and medical diagnoses through the chatbots.

During its research, Reuters was able to download 1,500 files, including recent results from July this year. “If this bot gets taken down watch out and another one will be made available in a few hours,” wrote the bot in a welcome message through the platform.

One of the chatbots provides PFD documents, and the other bot provides samples with sensitive information, up to 20, from 31.2 million datasets in just a few clicks. One of the documents retrieved by Reuters included details of the “treatment of the one-year-old daughter of policyholder Sandeep TS,” and the information was true and verified by TS, who was not notified by the health insurance company about the leak.

The chatbots were reported and taken down within 24 hours, but new ones reappear.

“The sharing of private information on Telegram is expressly forbidden and is removed whenever it is found. Moderators use a combination of proactive monitoring, AI tools, and user reports to remove millions of pieces of harmful content each day,” said Remi Vaughn, a spokesperson from Telegram.

This story was shared just weeks after Telegram’s CEO Pavel Durov was arrested in France for not providing enough moderation and safety measures, allowing crimes through the platform.

Did you like this article? Rate it!
I hated it I don't really like it It was ok Pretty good! Loved it!
5.00 Voted by 1 users
Title
Comment
Thanks for your feedback
Please wait 5 minutes before posting another comment.
Comment sent for approval.

Leave a Comment

Show more...