India’s Star Health Confirms Data Breach After Customers’ Details Leak Online

• Indian insurance company Star Health acknowledged being hit by a cyberattack in July.
• Information on whether customer data was compromised in the breach is not officially available.
• However, a threat actor announced selling the data breach on a popular hacker forum, offering free samples via Telegram.

Star Health and Allied Insurance Company, one of India's premier health insurers, has confirmed a data breach following cybercriminals' claims that they disseminated customers' health records online via Telegram.

The Chennai-based insurance titan acknowledged in a statement to TechCrunch that it was hit by a “malicious cyberattack.” Although the attack resulted in “unauthorized and illegal access to certain data,” Star Health assured stakeholders that its operational capabilities remained intact, with no disruptions to its services.

Star Health suffered a cyberattack in July, and while the company has not yet confirmed whether customer data was compromised in the breach, a hacker group on Telegram has allegedly released the personal data of 31.2 million policyholders, including over 5.8 million insurance claims. 

The leaked information comprises sensitive details such as full names, contact numbers, residential addresses, medical records, insurance claims, and even customer ID cards and tax details.

In response to the hackers' Telegram chatbots, Star Health pursued legal action, filing a complaint with the Madras High Court against Telegram and Cloudflare, the latter being accused of hosting the hacker group's websites.

India’s Computer Emergency Response Team (CERT-In) has also been engaged, stating that it is actively working with relevant authorities to address the situation.

The intricacies of the breach and methods employed by the hackers to procure potentially millions of personal records remain obscure. Additionally, a website the hackers utilize to promote the Telegram bots features a video purportedly revealing exchanges between Star Health's Chief Information Security Officer (CISO), Amarjeet Khanuja, and the perpetrators. 

Independent cybersecurity experts are spearheading an exhaustive forensic investigation. The company is also working closely with government and regulatory bodies, providing necessary incident reports to insurance and cybersecurity authorities, and lodging a criminal complaint as part of its response protocol.

While the exact implications of these interactions are unclear, Star Health has affirmed that their CISO is actively cooperating with the ongoing investigation, emphasizing that no evidence of misconduct has surfaced thus far.