Star Health faced $68,000 ransom demand following customer data leak: report

Star Health, India's largest health insurance provider, revealed on Saturday that it received a ransom demand of $68,000 from a hacker responsible for leaking customer data and medical records.

The company, which has a market capitalization of around $4 billion, is grappling with a major reputational crisis after it was reported in September that sensitive customer information, including tax details and medical claims, had been leaked through Telegram chatbots and a website.

The company, whose shares have fallen by 11% since the incident came to light, has initiated internal investigations and pursued legal action against both the hacker and Telegram. The hacker, known as xenZen, continues to release samples of Star Health’s customer data on a website. Star Health described itself as the victim of a "targeted malicious cyberattack."

For the first time, the insurer disclosed that the hacker had demanded the ransom via an email sent in August to the company’s managing director and CEO.

Despite the ongoing investigation, Star Health has reiterated that it has found no evidence of wrongdoing by its chief security officer, Amarjeet Khanuja, who has been accused of involvement in the breach.

Telegram has refused to share details of the hacker's account or ban them from the platform, despite multiple requests from Star Health. The company has also reached out to Indian cybersecurity authorities for assistance in identifying the hacker.

Tags: