If you are a policyholder with Star Health Insurance, you might want to stay updated on a serious data breach incident. The personal information of over 3.1 crore policyholders has been leaked online, including sensitive details such as names, addresses, email IDs, mobile numbers, and even medical records. The leaked data is being shared via Telegram, with hackers making use of chatbots to distribute this information. This development has raised concerns about the safety and privacy of millions of policyholders.
Sensitive Data Exposed: What Has Been Leaked?
The leaked data reportedly contains critical personal information such as:
- Full names and addresses of policyholders
- Mobile numbers and email addresses
- Tax-related details
- Medical records, including test results and treatment reports
Hackers have been sharing these details through two separate chatbots on Telegram. One chatbot provides data in PDF format, while another allows users to obtain policy numbers and other details with a single click. This makes it dangerously easy for malicious actors to misuse the leaked information.
Star Health’s Response: Downplaying the Breach?
Star Health and Allied Insurance has acknowledged the data breach but has downplayed its severity. The company claims that the leak is not extensive and that they are in contact with law enforcement authorities to handle the situation. However, the leaked data includes very sensitive information, raising questions about the potential risks to affected policyholders.
According to Star Health, the breach was first detected on August 13, 2024, and the company immediately informed cybercrime authorities. However, the hackers continue to create new chatbots as soon as Telegram takes down the previous ones, making it difficult to fully contain the leak.
Real Policyholders Affected: Verified by Reuters
In a report by Reuters, a policyholder confirmed the authenticity of the leaked data. The leaked records included information about the treatment of the policyholder’s daughter in a hospital in Kerala, along with a bill of Rs 15,000. The Reuters team was able to download more than 1,500 documents from the leaked database, further verifying the scale of the breach.
Hackers Selling Data: How It’s Being Distributed
The leaked data is being offered for sale to potential buyers, with hackers providing samples to demonstrate its authenticity. A British security researcher, Jason Parker, informed Reuters about the leak after being tipped off by the creator of the chatbots. The data is said to contain a wide range of personal and financial information about policyholders, making it highly valuable to malicious actors on the dark web.
What Policyholders Should Do
For Star Health policyholders, this data breach highlights the importance of staying vigilant about their personal information. Policyholders are advised to monitor their financial accounts, watch out for any suspicious activity, and change passwords for accounts linked to their Star Health policies.
Additionally, anyone impacted by the leak should consider contacting the company and seeking clarity on the measures being taken to protect their data moving forward.
