Personal data of 3 cr Star Health customers leaked
October 09, 2024 21:52Pic: Reuters
Personal data like mobile numbers, PAN, addresses and pre-existing medical conditions of about 3.1 crore customers of Star Health Insurance is allegedly available on a website created by a hacker identified as xenZen.
The hacker claimed that Star Health's Chief Information Security Officer (CISO) sold all the data and later tried to change the terms of their deal.
According to the details shared by the UK-based researcher Jason Parker on September 20, a hacker by the name of xenZen has published a website with sample data of Star Health Insurance Company and an email communication with a top official responsible for handling and managing the digital network of the company.
"I am leaking all Star Health India customers and insurance claims sensitive data. This leak is sponsored by Star Health and Allied Insurance Company, who sold this data to me directly," xenZen claimed.
Clarifying on the matter Star Health Insurance in a statement said, a thorough and rigorous forensic investigation, led by independent cybersecurity experts is underway, and the company is working closely with government and regulatory authorities at every stage of this investigation.
"We also timely approached the Madras high court which in an order has directed all including certain third parties to disable access to the relevant information. We are diligently pursuing the implementation of this order," it said.
The company categorically mentioned that the CISO has been duly co-operating in the investigation and has not arrived at any finding of wrongdoing by him till date.
"We also want to emphasise that any unauthorised acquisition, possession, or dissemination of customer data is illegal. We urge all platforms, hosting companies, social media channels and users to take swift and decisive action to halt such activities and comply with the orders of the high court," it said.