Hacker Uses Telegram Chatbots to Leak Data from India’s Largest Health Insurer

21 September 2024 | Zaker Adham

Summary

A major data leak from India's leading health insurer, Star Health, has exposed sensitive customer information through Telegram chatbots. This breach has left private medical reports, personal identification, and insurance claims accessible to the public. The leak comes just weeks after Telegram was criticized for allowing its platform to facilitate criminal activity.

The hacker behind the chatbots, using the alias "xenZen," claims to possess over 7.24 terabytes of data, affecting more than 31 million Star Health customers. Security researcher Jason Parker discovered the leak and alerted Reuters. According to Parker, the chatbot has been operational since August 6, 2024, and offers random samples of customer data for free, with bulk data available for purchase.

Star Health and Allied Insurance, a company valued at over $4 billion, acknowledged the breach but stated that its initial investigation revealed "no widespread compromise" and that sensitive customer data remains secure. However, Reuters was able to access policy documents, medical records, tax details, and ID cards, raising concerns about the insurer’s data security measures.

Telegram took down the offending chatbots after being notified, but similar bots quickly resurfaced. The chatbots demonstrate the difficulty of controlling the misuse of Telegram's technology for illegal purposes. Telegram, with over 900 million monthly active users, allows individuals to create chatbots, which are often used for automation and content distribution but are also exploited for criminal activities.

The Star Health incident is part of a growing trend where hackers use Telegram to sell stolen data. In 2022, a NordVPN study revealed that India was the largest market for such data, with 12% of victims being Indian citizens.

The leaked data includes highly personal medical information. In one case, the medical history and test results of a one-year-old child from Kerala were exposed. Another victim, Pankaj Subhash Malhotra, confirmed that his tax and medical records were leaked but said he was unaware of any breach until contacted.

Despite efforts by Telegram to remove these chatbots, the persistence of new ones highlights the growing cybersecurity challenges faced by Indian companies and the global community. Star Health has reported the issue to local and federal authorities and assured its customers that their privacy is its top priority.