Star Health and Allied Insurance, one of India's largest health insurance companies, has been arrested nearly two weeks after cybercriminals claimed to have posted customers' health records and other sensitive data online. The company admitted that it had been the target of a “malicious cyber attack.”
The Chennai-headquartered insurance giant told TechCrunch in a statement on Wednesday that the cyberattack resulted in “unauthorized and illegal access to certain data,” but that its operations were not affected and its services remain unchanged. He said it continued.
“A thorough and rigorous forensic investigation led by independent cybersecurity experts is underway, and we are working closely with government and regulators at every stage of this investigation, including “This includes formally reporting the incident to insurance and cybersecurity regulators, apart from filing criminal charges,” the company said in a statement.
In response to questions from TechCrunch, Star Health did not say whether the data breach included any customer data.
Last month, a group of hackers created a chatbot on Telegram that leaked personal data purportedly belonging to 31 million Star Health policyholders and over 5.8 million insurance claims. The data included individuals' names, phone numbers, and home addresses, as well as medical reports and insurance claims. The hackers also shared copies of customer ID cards and personal tax details.
Star Health told TechCrunch at the time that the company was “investigating” the alleged theft.
Immediately after the hacker's Telegram bot came to light, Star Health filed a case in the Madras High Court against Telegram, which was hosting the chatbot. The insurance company also named Cloudflare in the lawsuit for its role in hosting the hacker group's website on its service.
India's CERT-In earlier told TechCrunch that it is “already taking appropriate steps with the relevant authorities.”
Details of the breach and how the hackers obtained potentially millions of customer data remain unclear.
The hacker's website is being used to promote Telegram bots that share allegedly stolen personal data, including a screen shot between Star Health CISO Amarjeet Kanuja and the hacker group. It includes a video that purports to show shots and conversations. TechCrunch does not link to this site because it contains personally identifiable information.
The company's CISO's role, if any, in the cyber attack is still unclear.
“We would also like to categorically state that our CISO is officially cooperating with the investigation and to date has not found any wrongdoing on his part. “We ask that you respect his privacy,” the insurance company said Wednesday.
TechCrunch is looking into specifics, including whether insurance companies can see who accessed the data, whether it was an insider or a malicious intruder, and whether they can understand and confirm what was accessed and what has already been exfiltrated. I asked a question. The insurance company didn't say.
Star Health offers health insurance, personal accident insurance, overseas insurance and travel insurance and has a network of over 14,000 hospitals and over 850 branches across India. Star Health says on its website that it provides health insurance to 170 million people.