Star Well being and Allied Insurance coverage, one of many largest medical insurance corporations in India, has confirmed it was the goal of a “malicious cyberattack,” some two weeks after cybercriminals claimed to publish prospects’ well being information and different delicate information on-line.
The Chennai-headquartered insurance coverage big instructed TechCrunch in an announcement Wednesday that the cyberattack resulted in “unauthorized and unlawful entry to sure information,” although it said its operations remained unaffected and providers continued.
“A radical and rigorous forensic investigation, led by impartial cybersecurity consultants, is underway, and we’re working intently with authorities and regulatory authorities at each stage of this investigation, together with by duly reporting the incident to the insurance coverage and cybersecurity regulatory authorities other than submitting a felony criticism,” the corporate stated in its assertion.
When requested by TechCrunch, Star Well being wouldn’t say if the information breach included prospects’ information.
Final month, a hacker group created chatbots on Telegram that leaked the alleged private information belonging to 31 million Star Well being policyholders and over 5.8 million insurance coverage claims. The info included full names, telephone numbers, and residential addresses, in addition to medical reviews and insurance coverage claims of people. The hackers additionally shared copies of buyer ID playing cards and people’ tax particulars.
Star Well being instructed TechCrunch on the time that the corporate was “investigating” the alleged theft.
Shortly after the hackers’ Telegram bots got here to mild, Star Well being filed a authorized criticism with the Madras Excessive Court docket in opposition to Telegram for internet hosting the chatbots. The insurer additionally named Cloudflare in its lawsuit for its function in internet hosting the hacker group’s web sites on its service.
India’s CERT-In instructed TechCrunch earlier that it was “already in means of taking acceptable motion with the involved authority.”
Particulars of the breach, and the way the hackers obtained probably thousands and thousands of consumers’ information, stay unclear.
The hackers’ web site, used to publicize the Telegram bots sharing the allegedly stolen particular person information, features a video allegedly exhibiting screenshots and conversations between Star Well being CISO Amarjeet Khanuja and the hacker group. TechCrunch is just not linking to the positioning because it accommodates personally identifiable data.
The function of the corporate’s CISO within the cyberattack, if in any respect, is just not but recognized.
“We additionally wish to categorically point out that our CISO has been duly co-operating within the investigation, and we’ve got not arrived at any discovering of wrongdoing by him until date. We request that his privateness be revered as we all know that the menace actor is attempting to create panic,” the insurer stated Wednesday.
TechCrunch requested particular questions, together with whether or not the insurer can affirm who accessed the information, whether or not it was an insider or a malicious intruder, and if it is aware of and might affirm what has been accessed or taken already. The insurer wouldn’t say.
Star Well being, which supplies well being, private accident, and abroad and journey insurance coverage, has a community of greater than 14,000 hospitals and over 850 department places of work throughout India. Star Well being says on its web site that it has supplied medical insurance protection to 170 million people.