Health Insurer, Star Health says it received $68,000 ransom demand after data leak
New Delhi: Star Health (STAU.NS), opens new tab, India's biggest health insurer, on Saturday said it had received a ransom demand of $68,000 from a cyberhacker in connection with a leak of customer data and medical records.
Star, which has a roughly $4 billion market cap, is battling a reputational and business crisis since Reuters reported on Sept. 20 that a hacker had used Telegram chatbots and a website to leak customers' sensitive data, including tax details and medical claim papers.
The company, whose shares have declined 11%, has launched internal investigations and has taken legal action against Telegram and the hacker, whose website continues to share samples of Star customers' data.
Also Read:Cyber attack at Ahmedabad hospital, hackers demand bitcoins worth USD 70000
Star, which has previously said it is a "victim of a targeted malicious cyberattack", on Saturday revealed for the first time that in August "the threat actor demanded a ransom of $68,000 in an email" addressed to the company's managing director and its chief executive.
The statement came after Indian stocks exchanges sought clarifications from Star on a Friday over a Reuters report that the company was investigating allegations that its chief security officer was involved in the data leak.
Star reiterated on Saturday it has found no wrongdoing by the official, Amarjeet Khanuja, though the internal investigation is ongoing.
Telegram has declined to share the account details or permanently ban accounts linked to the hacker - an individual dubbed xenZen - "despite multiple notices issued in this regard," Star said on Saturday.
Star said it has "sought the assistance" of Indian cyber security authorities to "help us identify" the hacker.
Telegram did not respond to a request for comment.
The Dubai-based messenger app has previously said it removed the chatbots when Reuters flagged them to the platform.
Also Read:Health Ministry website allegedly targeted by Russian hackers, CERT-IN support sought
Disclaimer: This website is primarily for healthcare professionals. The content here does not replace medical advice and should not be used as medical, diagnostic, endorsement, treatment, or prescription advice. Medical science evolves rapidly, and we strive to keep our information current. If you find any discrepancies, please contact us at corrections@medicaldialogues.in. Read our Correction Policy here. Nothing here should be used as a substitute for medical advice, diagnosis, or treatment. We do not endorse any healthcare advice that contradicts a physician's guidance. Use of this site is subject to our Terms of Use, Privacy Policy, and Advertisement Policy. For more details, read our Full Disclaimer here.
NOTE: Join us in combating medical misinformation. If you encounter a questionable health, medical, or medical education claim, email us at factcheck@medicaldialogues.in for evaluation.