Who Hacked Star Health Insurance? Stolen data of 31 million customers put up for sale online – La Setmana

Leading insurer Star Health Insurance has admitted to a shocking data breach after the private data of millions of customers was compromised.

The leaked data not only includes personal information like names, dates of birth, mobile numbers and email IDs, but also sensitive details like PAN, salary, residential addresses, policy numbers, pre-existing conditions and other health details.

Who Hacked Star Health Insurance?

One user, identified as xenZen, claimed responsibility for the hack, claiming that Amarjee Khanuja, chief information security officer at Star Health Insurance, sold the data directly to them for $43,000.

Customers’ insurance details have been put up for sale by the hacker who allegedly leaked 7.24TB of data consisting of information on more than 31 million customers. All the data was offered for $150,000, while it was partially offered in customer registration packages from $1 lakh to $10,000.

The incident came to light when user X Deedy Das raised the alarm about the data leak, saying “Nothing is private in India”. Deedy alleged that Khanuja contacted xenZen through Tox, an encrypted chat messenger, on July 26. They allegedly cut a deal for $28,000 Monero, a cryptocurrency, in exchange for the data. After that, the hacker made the payment and accessed the data using login credentials and API details allegedly provided by Khanuja through ProtonMail.

Khanuja allegedly sold more data for an additional $15,000 on July 20. Deedy alleged that Khanuja, however, revoked access within a week, demanding $150,000 for top management. But the hacker refused and the data was later put up for sale online. In September, a website was created to provide customer data using Telegram bots.

However, Star Health has rejected allegations of its involvement in the “targeted malicious attack”. He has filed a lawsuit against the hacker as well as Telegram, where the data was initially leaked

Claiming that its operations are fully functional and customer services are not affected, the health insurer said its cyber security team is conducting an investigation. “We continue to work closely with the authorities to ensure that customer data remains protected,” the company said.