In yet another major data breach incident, millions of customer records, including sensitive medical reports, from Star Health and Allied Insurance Ltd have allegedly been leaked and made available through chatbots on Telegram, weeks after the messenger app was accused of enabling criminal activities. According to a report by news agency Reuters on Friday, September 20, the breach brings into focus the challenges Indian companies face in securing data and highlights the growing threats that come with innovative technology like chatbots.
But how did the breach happen?
Here’s a summary.
According to news reports, the agency received a tip from a security researcher indicating that chatbots are being used to sell the private data of millions, including names, addresses, copies of ID cards, tax details, and medical diagnoses. Samples of this information can be accessed through chatbots built on Telegram, which users query by interacting with the bots.
The creator of the chatbots, at one point, confessed to the security researcher that they had access to over 7.24 terabytes of data, which contained details of more than 31 million Star Health customers. The data was available free in small samples or for sale in bulk.
Response from Star Health Regarding the Data Breach
In response to the hack, Star Health and Allied Insurance said: “There has been no ‘widespread compromise’ of customer data, and all sensitive customer data remains secure.” It said that it had already reported the unauthorized access to local authorities and would keep all the information confidential. Reuters reported that the agency could download policy and claim documents from the chatbots, including medical reports, ID cards, and tax details.
Since the incident, the firm has informed the Tamil Nadu cybercrime wing and the federal security agency, CERT-In, about the breach. Star Health further stated that it is committed to the privacy of its customers. The firm said that it is cooperating with the authorities on this criminal activity to ensure customer data security.
Telegram’s Role in the Breach
One of the world’s largest messenger apps, with 900 million monthly active users, Telegram allows users to build and run customizable chatbots that respond to user requests and can offer specific content and features. Although the chatbot feature is very convenient for many genuine use cases, this incident points to a concerning aspect: the platform’s vulnerability to abuse by malicious actors.
The fact that private customer data can be accessed through Telegram chatbots reflects the platform’s struggle to prevent criminals from taking advantage of it. Telegram’s PR spokesperson Remi Vaughn said that sharing private information on the app is absolutely prohibited and that moderators use AI tools and proactive monitoring to remove dangerous content, but the misuse of chatbots to trade stolen data indicates otherwise.
In fact, the agency stated that on September 16, after it informed Telegram about the chatbots, they vanished. But within a few hours, new chatbots were offering the same allegedly stolen Star Health data.
How do the chatbots work?
The chatbots selling Star Health data offer users several ways to access sensitive information. One sells policyholder documents in PDF format, while another lets users request up to 20 samples from the more than 31 million records in the dataset. The information uncovered included sensitive details such as names, policy numbers, phone numbers, tax details, and even body mass index.
The ease with which sensitive customer information can be accessed raises questions about the repercussions for affected customers. For example, one of the leaked records concerned the treatment of a one-year-old child and included her diagnosis, blood test reports, medical history, and a bill of nearly ₹15,000. The child’s father, Sandeep TS, confirmed that the record was genuine. He said he was worried about the leak, fearing it might come back to haunt him: “It sounds worrisome. Do you know how this can affect me?”
Another policyholder, Pankaj Subhash Malhotra, said that his medical records, including ultrasound reports, illness information, and photocopies of his ID card, were leaked through the chatbots. At no point had Star Health informed Sandeep or Pankaj about any data breach or potential security breach.
Response from Star Health to the Breach
Even though Star Health has filed a complaint with the concerned authorities and maintains that it respects customer privacy, doubts have grown about its ability to safeguard it. The company stated that an unknown person had sent it a message on August 13 claiming to possess some of the leaked data. After this, Star Health lodged a complaint with the cybercrime department of Tamil Nadu and CERT-In.
Even so, the data continued to be accessible through Telegram chatbots. The company has since assured clients that it is cooperating with law enforcement to resolve the situation, but the continued availability of the data through new chatbots remains a challenge in handling the breach.
Challenge in Securing Data on Telegram
Many cybercriminals have turned to Telegram to trade stolen data because the platform’s design lets them upload and share large amounts of data anonymously. This makes it even harder for companies like Star Health to track breaches and leaks.
According to Adrianus Warmenhoven, the head of cyber security at NordVPN, the service has emerged as a user-friendly shop window for offenders who wish to communicate with customers. Warmenhoven told the agency, “The fact that sensitive data is available via Telegram is natural because Telegram is an easy-to-use storefront.”
This trend was reflected in a 2022 NordVPN survey, which showed India accounted for 12 percent of the victims whose data was sold via chatbots. Considering the scale of the breach of Star Health, Telegram’s popularity among cybercrooks only seems to be growing.
Impact of the Data Breach on Customers
The data leak raises serious questions for the millions of customers who rely on Star Health for insurance. Such leaks expose these individuals to identity theft and fraud, while also breaking their trust in the company’s ability to handle private information.
Star Health did not inform its customers individually. Therefore, most customers have no clue that their personal details have become public. Both Sandeep TS and Pankaj Subhash Malhotra, whose records the agency accessed, have confirmed that the company had never informed them of any security threats.
The breach also underlines the need for stronger controls and enforcement over how such companies secure the data they handle. Since millions of records were compromised, it is evident that the security measures in place were not stringent enough to prevent unauthorized access.
Conclusion: An Alarm for Data Security
The exposure of Star Health and Allied Insurance customer data through Telegram chatbots is a stark reminder of the growing threat of cybercrime and of the serious challenges companies face in protecting sensitive information. Cybercriminals are using platforms like Telegram to sell stolen data, so companies have to take the initiative to secure their data and improve their cybersecurity measures.
For customers, it highlights the need to keep track of the safety of their personally identifiable information and to stay alert to fraud. In the digital era, protecting an individual’s sensitive information is a shared responsibility, and breaches like this create strong demand for stronger safeguards and greater transparency from companies. The breach at Star Health is a symptom of a larger data security problem, not only in India but worldwide. An effort must therefore be made by both parties involved: companies and regulators.