A website on Wednesday claimed to have leaked the data of over 31 million Star customers and made the information available for sale at $150,000.
The alleged data breach comes two weeks after Star Health, one of the country's top health insurers, sued social media platform Telegram and an unknown hacker for leaking the data of its customers.
The website, created by a hacker identified as xenZen, claimed to have access to the data of over 3.1 crore customers, including sensitive information like PAN card details, phone numbers, tax details, residential address, and medical records.
“I am leaking all Star Health India customers and insurance claims sensitive data. This leak is sponsored by Star Health and Allied Insurance Company, which sold this data to me directly. You can check the authenticity of the data in the Telegram bots below and read about how they sold it in the section below,” the hacker stated on the website, according to Business Standard.
Meanwhile, a viral X post from Deedy Das, a venture capitalist at Menlo Ventures, shared an alleged email exchange between Amarjeet Khanuja and the hacker.
"One of India's most massive hacks is happening right now! ~31M rows of Star Health Insurance data — name, DOB, address, phone, PAN card and salary for Indians is selling it for $150k. Hacker claims CISO Amarjeet Khanuja sold him the data. Nothing is private in India," the X post read.
Das also claimed that a sample of the data was available at the website https://starhealthleak.st. The website also claim to have the data of government officials. However, ABP LIVE couldn't independently verify the authenticity of claims on the website.
A Reuters report also claimed that Star Health's stolen customer data including medical reports were publicly accessible via chatbots on Telegram.
However, it is not known whether the website had been created by the same individual, who has been charged in the lawsuit.