Thursday, November 21, 2024
Thursday, November 21, 2024
- Advertisement -

Hacker puts Star Health’s 3.1cr customer data up for sale for $150,000

xenZen asserts that insurance firm’s CISO purportedly engaged in illicit transactions

Must Read

- Advertisement -
- Advertisement -
  • Claims to have exposed sensitive information, including personal identifiers and insurance claims, with options for “parts sale” indicating a troubling commodification of personal data.

The recent incident involving the hacking of Star Health, where an extensive trove of customer data—amounting to 7.24TB and affecting over 3.1 crore clients—has been put up for sale, underscores the alarming vulnerabilities within the insurance sector’s cybersecurity framework.

The hacker, known as xenZen, claims to have exposed sensitive information, including personal identifiers and insurance claims, for $150,000, with options for “parts sale” indicating a troubling commodification of personal data.

Severe lapse

The allegations leveled by xenZen suggest a breach not only of technical safeguards but also of ethical conduct within organisational structures. The assertion that Star Health’s Chief Information Security Officer purportedly engaged in illicit transactions related to customer data raises profound questions about accountability and governance within corporations.

Such claims, if verified, would indicate a severe lapse in the protective measures expected from high-ranking officials, fundamentally undermining customer trust.

Furthermore, the hacker’s provision of 500 random samples, purportedly including information about government officials, exacerbates concerns regarding identification and the potential misuse of such data.

The act not only threatens individual privacy but poses broader risks to national security and institutional integrity.

Star Health’s response to the breach, including a lawsuit against Telegram and the hacker, signifies an immediate attempt to mitigate reputational damage and address the legal ramifications of the incident.

However, the company’s initial assertion that “sensitive customer data remains secure” has been challenged by the ongoing availability of extensive data for purchase, indicating a disconnect between internal assessments and external realities.

This incident serves as a clarion call for the insurance industry to reassess and strengthen its cybersecurity protocols. It reveals a pressing need for enhanced security measures, employee training, and transparent communication strategies to reassure customers.



Sign up to receive top stories every day

- Advertisement -

Latest News

Locad raises $9m to spread wings into UAE and Saudi Arabia

Locad new funding will also be used to enhance Locad's AI-driven smart logistics capabilities.

UAE stands at helm of tech-driven banking revolution in Mideast

UAE commands major portion of region’s $3.2tr banking assets and aims at establishing a global benchmark.

India takes regulatory action against WhatsApp and fines $25.4m

CCI directes WhatsApp to cease sharing of user data with other applications owned by Meta Platforms
- Advertisement -
- Advertisement -

More Articles

- Advertisement -