Star Health Probes Alleged Position of Safety Chief in Information Leak

India’s Star Health is investigating accusations that its chief data safety officer performed a task in a knowledge leak by a self-styled hacker who used Telegram chatbots and web sites to disseminate prospects’ medical information and private information.

The nation’s greatest well being insurer, Star advised Reuters that the official, Amarjeet Khanuja, was co-operating in its investigation into the leak, which has to this point turned up no proof of wrongdoing by him.

The investigation comes after the hacker, a person dubbed xenZen, publicly asserted on his web site that the manager had “sold all this data to me”.

Khanuja, the agency’s chief data safety officer (CISO), didn’t reply to a request for remark.

“Our CISO has been duly co-operating in the investigation and we have not arrived at any finding of wrongdoing by him till date,” Star stated in Wednesday’s assertion.

Last month Star Health sued Telegram and the hacker after Reuters reported on Sept. 20 that the hacker used chatbots on the messaging app to leak buyer particulars, earlier than establishing web sites offering easy accessibility to the info.

Star was buying and selling down 2% on Thursday, and has misplaced about 6% because the Reuters report.

“We were the victim of a targeted, malicious cyberattack, resulting in unauthorized and illegal access to certain data,” Star stated.

Independent cybersecurity consultants had been main its forensic investigation, Star added within the assertion, and it was additionally working carefully with authorities, to whom it had reported the incident.

Earlier, Star stated its preliminary evaluation confirmed “no widespread compromise”, including, “Sensitive customer data remains secure.”

A court docket in Star’s southern dwelling state of Tamil Nadu has granted it a short lived injunction ordering Telegram and the hacker to dam any chatbots or web sites in India that make the info out there on-line.

Telegram has not commented on the lawsuit, whereas the hacker has vowed to hitch the hearings on-line if permitted to take action.

Star’s authorized problem to Telegram comes amid rising scrutiny of the platform globally and the current arrest of its founder Pavel Durov in France, with the app’s content material moderation and options allegedly abused for unlawful actions.

Durov and Telegram denied wrongdoing and are addressing the criticism.

Telegram has beforehand stated it eliminated the chatbots when Reuters flagged them to the messaging platform’s staff.

On Thursday, a web-based web site made by the hacker was nonetheless permitting individuals to merely click on on a begin button to obtain samples of the Star Health policy-related information, together with declare paperwork and medical information of sufferers.

Star didn’t touch upon the web site.

“We urge all platforms, hosting companies, social media channels and users to take swift and decisive action to halt such activities,” it stated.

The Telegram characteristic permitting customers to create chatbots is extensively credited with serving to the Dubai-based messaging app change into one of many world’s greatest, with 900 million lively consumer a month.

The hacker’s web site supplied declare doc samples in PDF format, whereas customers may request as much as 20 samples from 31.2 million datasets comprising particulars resembling names, coverage numbers and even physique mass index (BMI).

© Thomson Reuters 2024

(This story has not been edited by NDTV workers and is auto-generated from a syndicated feed.)