Star Health Data Breach: Sensitive Customer Information Exposed on Telegram Chatbots

 

Customer data, including sensitive medical records from India’s largest health insurer, Star Health, was discovered accessible through chatbots on Telegram. This revelation comes shortly after the app, founded by Pavel Durov, was scrutinized for allegedly enabling criminal activities.
Security expert Jason Parker notified Reuters about the chatbots, which provide access to policy documents containing private customer information such as names, addresses, phone numbers, tax details, ID copies, medical records, and test results. 
A hacker using the alias “xenZen” claimed responsibility for creating the chatbots, revealing on a forum that they had obtained 7.24 terabytes of data from over 31 million Star Health customers. While some data is being shared freely through these chatbots, bulk purchases are also available.
With over 900 million active monthly users, Telegram’s chatbot feature is highly popular but has faced criticism for content moderation issues and its potential misuse by malicious entities. After Reuters reported the breach, Telegram removed the chatbots offering Star Health data, though new ones have since surfaced, demonstrating the difficulty in controlling such misuse.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: