• Star Health, India's largest health insurer, is investigating a significant data leak, with CISO Amarjeet Khanuja at the center of allegations.
• The company's shares have dropped 6% since the data leak news, and Star Health has sued Telegram and the alleged hacker.
• Independent cybersecurity experts are leading a forensic investigation into the incident, and Star Health assures customers their sensitive data remains secure.
• The incident highlights the importance of robust cybersecurity measures, especially for companies handling sensitive customer data.

India's largest health insurer, Star Health, is currently embroiled in a significant data leak investigation. The company's Chief Information Security Officer (CISO), Amarjeet Khanuja, is at the center of the allegations. The accusations have been made by a self-proclaimed hacker, known as xenZen, who claims to have obtained customers' medical records and personal data through Telegram chatbots and websites. The hacker has publicly asserted that Khanuja "sold all this data to me."

Star Health has responded to these allegations by launching an internal investigation. The company has stated that Khanuja is fully cooperating with the investigation, and so far, no evidence of wrongdoing has been found. "Our CISO has been duly cooperating in the investigation and we have not arrived at any finding of wrongdoing by him till date," Star said in a recent statement.

The data leak has had significant repercussions for Star Health. The company's shares were trading down 2% on Thursday, and have lost about 6% since the news of the data leak was reported.

Legal Action and Cybersecurity Measures

In response to the leak, Star Health sued Telegram and the hacker last month, after it was reported that the hacker used chatbots on the messaging app to leak customer details. The hacker then set up websites providing easy access to the data. Star Health has described itself as the victim of a targeted, malicious cyberattack, resulting in unauthorized and illegal access to certain data.

The company has engaged independent cybersecurity experts to lead a forensic investigation into the incident. It is also working closely with authorities, to whom it has reported the incident. Despite the severity of the situation, Star Health has assured its customers that their sensitive data remains secure. The company's initial assessment showed no widespread compromise.

A court in Star's southern home state of Tamil Nadu has granted it a temporary injunction ordering Telegram and the hacker to block any chatbots or websites in India that make the data available online.

Telegram Under Scrutiny

The incident has brought Telegram under scrutiny, especially in light of the recent arrest of its founder, Pavel Durov, in France. The app's content moderation has been questioned, and its features have allegedly been abused for illegal activities. Durov and Telegram have denied any wrongdoing and are addressing the criticism. Telegram has previously stated that it removed the chatbots when they were flagged to the messaging platform's team.

The data leak incident at Star Health is reminiscent of similar cyberattacks that have targeted major companies in the past. For instance, in 2017, Equifax, one of the largest credit bureaus in the U.S., suffered a massive data breach that exposed the personal information of 147 million people. The breach was a result of a failure to patch a known vulnerability, leading to a settlement of $700 million.

In the case of Star Health, the data leak has reportedly included claim documents and medical records of patients. The hacker's website offered claim document samples in PDF format, while users could also request up to 20 samples from 31.2 million datasets comprising details such as names, policy numbers, and even body mass index (BMI).

The incident serves as a stark reminder of the importance of robust cybersecurity measures, particularly for companies handling sensitive customer data. As the investigation continues, it remains to be seen what further measures Star Health will take to address the situation and prevent future data breaches. The company's response to this crisis will undoubtedly serve as a case study for other organizations in the industry, underscoring the critical importance of data security in today's digital age.