Customer data, including medical records from India’s largest health insurer, Star Health and Allied Insurance, has been found accessible through chatbots on Telegram, according to a report by Reuters. The breach, which surfaced just weeks after Telegram faced criticism for facilitating criminal activities, exposes the personal information of millions of individuals.
A security researcher informed Reuters that a purported chatbot creator claimed to have private details of millions of people for sale, with sample data available upon request through the chatbots. Star Health (STAU.NS), with a market capitalization of over $4 billion, acknowledged the alleged unauthorized data access in a statement, saying that it had reported the matter to local authorities. The company added that an initial assessment indicated “no widespread compromise” and that “sensitive customer data remains secure.”
However, Reuters was able to use the chatbots to retrieve policy and claims documents, which included names, phone numbers, addresses, tax details, ID copies, test results, and medical diagnoses. Telegram, a popular Dubai-based messaging app with 900 million active monthly users, has faced scrutiny over the potential misuse of its platform, particularly after the recent arrest of its Russian-born founder, Pavel Durov, in France. Durov and Telegram have denied any wrongdoing and are reportedly working to address the issues raised.
The chatbots on Telegram, reportedly active since at least August 6, feature a welcome message attributed to “xenZen.” The UK-based security researcher, Jason Parker, found the chatbots while posing as a potential buyer on a hacker forum. The user, going by the alias “xenZen,” claimed to control 7.24 terabytes of data linked to over 31 million Star Health customers. Although the chatbot provides random data for free, the bulk of the stolen data is offered for sale.
Reuters was unable to independently verify the claims made by xenZen or determine how the data was obtained. In an email to Reuters, xenZen mentioned they were in discussions with potential buyers but did not disclose further details.