Customer data from Star Health, India’s largest health insurer, has been leaked and made accessible via Telegram chatbots, as reported by Reuters. This leak includes sensitive information such as medical reports, policy details, and personal identification, raising major concerns about data security. The breach was discovered by a security researcher, who informed Reuters about the availability of millions of customers’ personal data through these chatbots. The hacker behind the leak claims to have 7.24 terabytes of data involving over 31 million Star Health customers.
As Reuters stated, Star Health confirmed they had reported the unauthorized data access to local authorities and reassured that their initial assessment showed no widespread compromise, stating that sensitive data remains secure. However, Reuters was able to download policy and claims documents through the chatbot, revealing private details such as phone numbers, medical diagnoses, and tax details.
This incident highlights the growing misuse of Telegram’s chatbot technology for illegal activities. Telegram, founded by Russian-born Pavel Durov, has faced increasing scrutiny following his recent arrest in France. The platform’s lack of stringent content moderation has allowed malicious actors to exploit its features, as demonstrated by this data breach.
Star Health is valued at over $4 billion, and this breach illustrates the challenges Indian companies face in safeguarding customer data amid rising cyber threats.