Star Health and Allied Insurance, one of India’s largest health insurance firms, confirmed it was the target of a “malicious cyber attack,” about two weeks after cybercriminals claimed to have posted the medical records of patients online. clients and other confidential data.
The Chennai-based insurance giant told britcommerce in a statement on Wednesday that the cyberattack resulted in “illegal and unauthorized access to certain data,” although it claimed its operations were not affected and services continued.
“A thorough and rigorous forensic investigation is underway, led by independent cybersecurity experts, and we are working closely with the government and regulatory authorities at every stage of this investigation, including properly reporting the incident to insurance and regulatory authorities. cybersecurity, in addition to submitting the application. a criminal complaint,” the company said in its statement.
When asked by britcommerce, Star Health did not say whether the data breach included customer data.
Last month, a group of hackers created chatbots on Telegram that leaked alleged personal data belonging to 31 million Star Health policyholders and more than 5.8 million insurance claims. The data included full names, phone numbers and home addresses, as well as people’s medical reports and insurance claims. The hackers also shared copies of people’s customer ID cards and tax data.
Star Health told britcommerce at the time that the company was “investigating” the alleged theft.
Soon after the hackers’ Telegram bots came to light, Star Health filed a legal complaint in the Madras High Court against Telegram for hosting the chatbots. The insurer also named Cloudflare in its lawsuit for its role in hosting the hacking group’s websites on its service.
India’s CERT-In told britcommerce earlier that it was “already in the process of taking appropriate action with the concerned authority.”
The details of the breach and how the hackers obtained potentially millions of customer data are still unclear.
The hackers’ website, used to advertise Telegram bots that share the supposedly stolen person’s data, includes a video purportedly showing screenshots and conversations between Star Health CISO Amarjeet Khanuja and the group of hackers. britcommerce is not linked to the site as it contains personally identifiable information.
The role of the company’s CISO in the cyberattack, if any, is not yet known.
“We also want to categorically mention that our CISO has been duly cooperating in the investigation and till date we have not come to any finding of wrongdoing on his part. “We ask that their privacy be respected because we know the threat actor is trying to create panic,” the insurer said Wednesday.
britcommerce asked specific questions, including whether the insurer can confirm who accessed the data, whether it was an insider or a malicious intruder, and whether it knows and can confirm what was accessed or already taken. The insurer did not want to say.
Star Health, which offers health, personal accident and travel and overseas insurance, has a network of over 14,000 hospitals and over 850 branches across India. Star Health says on its website that it has provided health insurance coverage to 170 million people.