Star Health Insurance, one of India's largest health insurers, has been rocked by a massive data breach involving the personal data of over 31 million customers. A hacker identified as "xenZen" has claimed that Amarjeet Khanuja, the chief information security officer (CISO) of Star Health, sold the data to them.
The hacker is now offering to sell the entire dataset for $150,000 or in smaller batches of 100,000 entries each for $10,000. The leaked data includes sensitive information such as full names, PAN and mobile numbers, email addresses, dates of birth, residential addresses, pre-existing medical conditions, policy numbers, nominee details, and even height and weight.
In response to the allegations, Star Health Insurance acknowledged the breach but denied any wrongdoing on the part of their CISO. The company stated that they are cooperating with law enforcement and have taken steps to address the security breach.
This incident follows a previous data leak involving Star Health Insurance, which was reported by Reuters in September. The leaked data included over 7.24 terabytes of sensitive customer information, accessible through Telegram bots.
The breach has raised serious concerns about the security of personal data in India and the potential for misuse of such information. As the investigation into the matter continues, it remains to be seen how the company will address the fallout from this significant data breach.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
