From Messaging to Malice: Telegram Continues to Be a Cybercrime Hub as Criminals Leak Star Health Customer Data via Chatbots

September 20, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

In a startling revelation, sensitive customer data from one of India’s largest health insurer, Star Health, has been found publicly accessible through chatbots on Telegram, as reported by Reuters.

A hacker exploited Telegram chatbots to leak private data, with the chatbot’s creator boasting to a security researcher that personal information of millions of Star Health customers was up for sale.

Reuters, upon probing, was able to download sensitive documents, including policy details, names, phone numbers, addresses, ID cards, tax information, and even medical diagnoses.

Star Health, a company valued at over $4 billion, responded by notifying local authorities and reassuring the public that, based on their initial assessment, “no widespread compromise” had occurred and that “sensitive customer data remains secure.” However, the ease with which the chatbots accessed and distributed personal information raises serious concerns about the company’s data protection protocols.

After Reuters flagged the issue, Telegram removed several of the compromised chatbots. Yet, new ones quickly surfaced, continuing to release private data, fueling concerns about the platform’s role in facilitating such breaches.

This breach adds to the growing scrutiny of Telegram’s security practices, especially following the arrest of its CEO for allegedly allowing the app to be used for illicit activities. The Star Health incident underscores the alarming vulnerabilities in digital security and highlights how easily personal data can be exploited, despite corporate assurances.

As the situation unfolds, it serves as a grim reminder of the critical need for stronger data protection in an increasingly digital world.