Sensitive data belonging to millions of customers of Star Health and Allied Insurance, one of India’s leading health insurance providers, has been stolen and leaked through Telegram chatbots, according to a recent report by Reuters.
The breach reportedly exposed the personal details of over 31 million customers, including medical reports, identification documents, and contact information.
Hackers used two Telegram bots to distribute over 7 terabytes of stolen data. These bots, which function as automated tools on Telegram’s platform, allow users to request and download customer data in exchange for simple queries. Telegram, a global messaging app with over 900 million users, has been used for such illicit activities in the past due to its customizable chatbot feature.
Telegram’s bot feature is widely used to automate file sharing and communication tasks. However, hackers exploited the feature to distribute stolen data in this case. The bots provided access to Star Health’s policy documents, medical reports, and other personal details of its customers.
UK-based security researcher Jason Parker first uncovered the breach. As a buyer on a hacker forum, Parker identified a user named ‘xenZen’ as the culprit behind the leak. XenZen claimed access to around 7.24 terabytes of Star Health’s data and offered the entire cache for sale in bulk. To attract potential buyers, free samples were distributed via Telegram bots.
Despite the severity of the situation, Star Health, which has a market capitalization exceeding USD 4 billion, initially downplayed the incident. The company claimed there was “no widespread compromise” and that sensitive data was still secure. However, Reuters’ investigation showed otherwise, as reporters could access over 1,500 personal documents, revealing customer names, addresses, tax details, and even sensitive medical histories.