Star Health investigates alleged role of security chief in data breaches
India’s Star Health is investigating allegations that its head of information security played a role in a data breach by an alleged hacker who used Telegram chatbots and websites to distribute customers’ medical records and personal data.
The country’s largest health insurer Star told Reuters that the official, Amarjeet Khanuja, was cooperating with the investigation into the leak, which has so far found no evidence of wrongdoing by him.
The investigation comes after the hacker, an individual named xenZen, publicly claimed on his website that the director “sold all this data to me.”
Khanuja, the company’s Chief Information Security Officer (CISO), did not respond to a request for comment.
“Our CISO has duly cooperated with the investigation and we have not made any finding of misconduct by him to date,” Star said in Wednesday’s statement.
Last month, Star Health sued Telegram and the hacker after Reuters reported on September 20 that the hacker used chatbots on the messaging app to leak customer data before setting up websites that gave easy access to the data.
Star was down 2% on Thursday and has lost about 6% since the Reuters report.
“We were the victim of a targeted, malicious cyber-attack, resulting in unauthorized and illegal access to certain data,” Star said.
Independent cybersecurity experts led the forensic investigation, Star added in the statement, and also worked closely with the authorities to whom the incident was reported.
Previously, Star said its initial assessment found there is “no widespread compromise”, adding: “Sensitive customer data remains secure.”
A court in Star’s southern home state of Tamil Nadu has granted a temporary injunction requiring Telegram and the hacker to block chatbots or websites in India that make the data available online.
Telegram has not commented on the lawsuit, while the hacker has promised to participate in the hearings online if allowed to do so.
Star’s legal challenge to Telegram comes amid increasing scrutiny of the platform globally and the recent arrest of its founder Pavel Durov in France, amid allegations that the app’s content moderation and features were misused for illegal activities.
Durov and Telegram denied wrongdoing and responded to the criticism.
Telegram previously said it removed the chatbots when Reuters reported them to the messaging platform’s team.
On Thursday, a website created by the hacker was still allowing people to simply click a home button to receive samples of the Star Health policy-related data, including claim documents and patient medical records.
Star did not comment on the website.
“We urge all platforms, hosting companies, social media channels and users to take swift and decisive action to stop such activities,” the report said.
The Telegram feature that allows users to create chatbots is widely credited with helping the Dubai-based messaging app become one of the largest in the world, with 900 million monthly active users.
The hacker’s website offered sample claim documents in PDF format, while users could also request up to 20 samples from 31.2 million data sets with details such as names, policy numbers and even body mass index (BMI).
© Thomson Reuters 2024
(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)