Star Health Insurance, one of India’s leading health insurance companies, is reportedly facing a massive data breach. Sensitive personal and insurance details of millions of customers have reportedly been compromised. The allegedly stolen data is on sale online. A threat actor, allegedly linked to xenZen, claims to have accessed 7.24TB of data belonging to over 31 million customers, and has reportedly listed the data for sale for $150,000. Additionally, smaller data sets containing 100,000 customer records are offered for $10,000 each. The breach has raised significant concerns over data protection and security in the country.

The hacker claims that the data stolen from Star Health included highly sensitive information like customer names, PAN numbers, mobile numbers, email addresses, dates of birth, residential addresses, policy numbers, details of pre-existing conditions, health card numbers and others. Is. Confidential medical records.

In a bold allegation, the hacker also alleged that Star Health’s Chief Information Security Officer (CISO) Amarjeet Khanuja allegedly “sponsored” the data leak by selling information to them directly. According to reports, Khanuja sold sensitive information, including salary and PAN card details of about 31 million Indian customers, to xenZen for $43,000.

DD Das, who raised the alarm over the breach, shared details of the events in the Star Health data hack case. As per DD Das’s tweet:

1. On July 6, 2024, Khanuja contacted Zenzen through an encrypted chat app called Talks, after being referred by a middleman named Denol.
2. They agreed to $28,000 in Monero (a cryptocurrency) for customer data.
3. Khanuja provided login credentials and API details via ProtonMail; The hacker paid and received the data.
4. On July 20, Khanujaa offered more claims data for an additional $15,000, and they repeated the process.
5. The hacker’s access was revoked after five days. Khanuja then demanded $150,000, claiming that senior management wanted a cut.
6. When the hacker refused, he listed the data for sale online.
7. As of September 25, a website called *StarHealthLeak* was launched, which offered customer and claims data through Telegram bots.

Meanwhile, Star Health has vehemently denied these claims and denied any involvement in the breach or sale of customer data. The company describes it as a “targeted malicious attack.” “We wish to clarify that our operations are fully functional, and services provided to customers will remain unaffected. “A thorough investigation is being conducted by our cybersecurity team and we will continue to work closely with the authorities to ensure that customer data remains secure,” Star Health said in a statement.

Star Health has confirmed that it has launched a comprehensive forensic investigation, involving independent cyber security experts to assist in the process. Star Health is working closely with government and regulatory agencies, including insurance and cyber security authorities, to deal with the situation. The insurer has also filed a criminal complaint and lawsuit against the hacker and messaging platform Telegram, where parts of the stolen data were reportedly first shared.

The data leak reported with Star Health Insurance could have serious and long-term consequences for those affected. Stolen personal and financial information can lead to identity theft, where bad actors misuse details like PAN numbers or mobile numbers to open fraudulent accounts. Financial fraud and targeted scams are also a significant risk, with scammers exploiting data to defraud victims. Additionally, compromised details can facilitate phishing attacks or even account takeovers, where hackers gain access to sensitive online accounts. In more serious cases, extortion attempts may be made by taking advantage of leaked health information.