Telegram has taken firm steps against bots that were accused of sharing sensitive information related to Star Health and Allied Insurance Company and is closely monitoring their potential reappearance, according to a statement from the company.
"The bots reported to Telegram for sharing Star Health data were immediately removed and moderators are monitoring to prevent them from being recreated. The sharing of private information on Telegram is expressly forbidden and such content is deleted whenever it is found," the statement said.
Star Health sent a legal notice to Telegram last month, alleging that the chatbots hosted by Telegram shared the leaked data. The statement also mentioned that Telegram has consistently affirmed its position on data privacy and its cooperation with the investigation.
Telegram, in a note titled "Is blaming the Intermediary the new norm in Data Breach Incidents?", said it is becoming increasingly clear that Star Health may have tried to pass the buck to Telegram and Cloudfare.
Telegram announced on September 27, 2024, that it had removed the original two bots sharing this data once they were discovered. Additionally, any newly-created bots attempting to share this data were likely eliminated as part of a comprehensive sweep of Telegram's searchable content, resulting in the removal of an estimated 90 per cent of harmful content.
A senior company official reportedly sold personal data such as mobile numbers, addresses, and pre-existing medical conditions of over 3.1 crore Star Health customers, as per the report on September 20, 2024.
According to the information provided by UK-based researcher Jason Parker, a hacker named xenZen had launched a website containing sample data of Star Health and an email correspondence with a senior official responsible for overseeing and managing the company's digital network.
"I am leaking all Star Health India customers and insurance claims sensitive data. This leak is sponsored by Star Health and Allied Insurance Company, which sold this data to me directly. You can check the authenticity of the data in the Telegram bots below and read about how they sold it in the section below," the hacker's website read.
The hacker had developed Telegram bots to retrieve information from 31,216,953 customers as of July 2024 and 5,758,425 claims of the company until early August.
The hacker alleged that the Chief Information Security Officer (CISO) of Star Health had sold all the data and later attempted to alter their agreement.
Parker reported on October 3, 2024, that the threat actor has now self-hosted their data leak bots, making it extremely difficult to permanently remove them.
Star Health clarified the situation in a statement, indicating that a comprehensive and thorough forensic investigation, led by independent cybersecurity experts, is in progress, and the company is collaborating closely with government and regulatory authorities throughout the investigation.
"We also timely approached the Madras High Court which in the attached order has directed all including certain third parties to disable access to the relevant information. We are diligently pursuing the implementation of this order," it had said.
The company categorically mentioned that the CISO has been duly cooperating in the investigation and has not arrived at any finding of wrongdoing by him to date.
Follow us
