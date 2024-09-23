Breach, Data Security

Star Health data exposed via Telegram bots

Share
Telegram logo
(Photo Illustration by Jakub Porzycki/NurPhoto via Getty Images)

Reuters reports that Star Health, the largest health insurance provider in India, had stolen data from more than 31 million of its customers exposed by a pair of Telegram chatbots created by the threat actor "xenZen," which have been operational since early August.

Despite the shutdown of both chatbots — which provided free access to up to 20 data samples from 31.2 million datasets and PDF-based claim documents — more have emerged to distribute the stolen data. While over 1,500 files downloaded by Reuters from the chatbots included names, addresses, phone numbers, tax information, ID card copies, medical diagnoses, and test results, Star Health has emphasized the lack of widespread compromise based on its initial investigation. Such a development comes just weeks after Telegram CEO Pavel Durov was arrested by French authorities over the platform's inadequate content moderation. "The fact that sensitive data is available via Telegram is natural, because Telegram is an easy-to-use storefront. Telegram has become an easier to use method for criminals to interact," noted NordVPN cybersecurity expert Adrianus Warmenhoven.

Related

Almost 30K impacted by Kansas county ransomware attack

Such an intrusion resulted in unauthorized access to Franklin County's poll book records, which included individuals' names, Social Security numbers, financial account numbers, driver's license numbers, medical record numbers, insurance identification numbers, COVID-19-related details, vaccination information, and/or insurance or billing details.

Crypto heist against BingX leads to theft of over $44M

Investigation conducted alongside blockchain security firm SlowMist noted the theft of nearly $44.7 million as a result of the incident although calculations are still ongoing, said BingX, which emphasized its immediate implementation of urgent asset transfers and other emergency procedures following the identification of atypical network access.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.