India’s Star Well being is investigating accusations that its chief data safety officer performed a job in an information leak by a self-styled hacker who used Telegram chatbots and web sites to disseminate prospects’ medical information and private knowledge.
The nation’s largest well being insurer, Star advised Reuters that the official, Amarjeet Khanuja, was co-operating in its investigation into the leak, which has thus far turned up no proof of wrongdoing by him.
The investigation comes after the hacker, a person dubbed xenZen, publicly asserted on his web site that the chief had “bought all this knowledge to me”.
Khanuja, the agency’s chief data safety officer (CISO), didn’t reply to a request for remark.
“Our CISO has been duly co-operating within the investigation and we now have not arrived at any discovering of wrongdoing by him until date,” Star mentioned in Wednesday’s assertion.
Final month Star Well being sued Telegram and the hacker after Reuters reported on Sept. 20 that the hacker used chatbots on the messaging app to leak buyer particulars, earlier than establishing web sites offering quick access to the information.
Star was buying and selling down 2% on Thursday, and has misplaced about 6% because the Reuters report.
“We have been the sufferer of a focused, malicious cyberattack, leading to unauthorized and unlawful entry to sure knowledge,” Star mentioned.
Unbiased cybersecurity consultants have been main its forensic investigation, Star added within the assertion, and it was additionally working intently with authorities, to whom it had reported the incident.
Earlier, Star mentioned its preliminary evaluation confirmed “no widespread compromise”, including, “Delicate buyer knowledge stays safe.”
A court docket in Star’s southern dwelling state of Tamil Nadu has granted it a short lived injunction ordering Telegram and the hacker to dam any chatbots or web sites in India that make the information out there on-line.
Telegram has not commented on the lawsuit, whereas the hacker has vowed to affix the hearings on-line if permitted to take action.
Star’s authorized problem to Telegram comes amid rising scrutiny of the platform globally and the current arrest of its founder Pavel Durov in France, with the app’s content material moderation and options allegedly abused for unlawful actions.
Durov and Telegram denied wrongdoing and are addressing the criticism.
Telegram has beforehand mentioned it eliminated the chatbots when Reuters flagged them to the messaging platform’s crew.
On Thursday, a web based web site made by the hacker was nonetheless permitting individuals to merely click on on a begin button to obtain samples of the Star Well being policy-related knowledge, together with declare paperwork and medical information of sufferers.
Star didn’t touch upon the web site.
“We urge all platforms, internet hosting corporations, social media channels and customers to take swift and decisive motion to halt such actions,” it mentioned.
The Telegram characteristic permitting customers to create chatbots is extensively credited with serving to the Dubai-based messaging app develop into one of many world’s largest, with 900 million lively person a month.
The hacker’s web site provided declare doc samples in PDF format, whereas customers may also request as much as 20 samples from 31.2 million datasets comprising particulars similar to names, coverage numbers and even physique mass index (BMI).
© Thomson Reuters 2024
(This story has not been edited by NDTV employees and is auto-generated from a syndicated feed.)