Star Health and Allied Insurance, a well-known health insurance company in India, recently fell victim to a cyberattack. The company confirmed that it experienced a malicious cyberattack that led to unauthorized access to certain data. However, the company assured that its operations were not affected, and it continued to provide services to its customers.
In response to the cyberattack, Star Health initiated a thorough forensic investigation conducted by independent cybersecurity experts. The company is collaborating with government and regulatory authorities to address the incident properly. Star Health has reported the cyberattack to insurance and cybersecurity regulatory authorities and has filed a criminal complaint.
The cyberattack involved the exposure of customers’ health records and other sensitive data. Last month, a hacker group used Telegram chatbots to leak alleged personal data of 31 million Star Health policyholders and over 5.8 million insurance claims. The leaked data included full names, phone numbers, home addresses, medical reports, insurance claims, customer ID cards, and tax details of individuals.
Following the discovery of the hackers’ Telegram bots, Star Health took legal action by filing a complaint with the Madras High Court against Telegram for hosting the chatbots. The insurer also included Cloudflare in its lawsuit for hosting the hacker group’s websites. India’s CERT-In, the national cybersecurity agency, is actively involved in addressing the cyberattack.
The specifics of the data breach and how the hackers gained access to customers’ data remain unclear. The hackers’ website, used to publicize the stolen data, includes a video showing screenshots and conversations between Star Health’s Chief Information Security Officer (CISO) and the hacker group. Star Health emphasized that their CISO is cooperating with the investigation, and no evidence of wrongdoing has been found.
Despite being asked about the identity of the data access perpetrator and the extent of the data breach, Star Health did not provide detailed information. The company offers health, personal accident, and travel insurance, with a vast network of hospitals and branch offices across India. Star Health claims to have provided health insurance coverage to 170 million individuals.
In conclusion, the cyberattack on Star Health and Allied Insurance highlights the increasing threat of cybersecurity breaches in the digital age. It underscores the importance of robust cybersecurity measures and proactive response strategies to safeguard sensitive data and protect customers’ privacy. The incident serves as a reminder for organizations to prioritize cybersecurity and invest in advanced security solutions to mitigate cyber risks effectively.
