Telegram’s woes seem far from over as one of the nation’s most prominent health insurance providers, Star Health, has filed a lawsuit against the messaging app Telegram and an alleged hacker after reports surfaced of customer data being leaked via chatbots on the platform. The case follows a Reuters investigation revealing that personal data, including medical records of Star Health policyholders, was being exposed.


The lawsuit arrives amidst increasing global scrutiny of Telegram, especially after its founder, Pavel Durov, was arrested in France last month over concerns regarding content moderation and illegal activities on the app. 


Both Telegram and Durov have reportedly denied any misconduct, pledging to address the criticisms.


ALSO READ | Telegram Changes Hard Stance, CEO Pavel Durov Confirms Sharing Of User Data With Authorities Amid Legal Pressure


What Happened To Star Health Data?


Star Health, valued at over $4 billion, has secured a temporary court injunction from Tamil Nadu, instructing Telegram and the hacker to block any chatbots or websites in India that are distributing the stolen data. The company has also filed a suit against US-based Cloudflare, accusing the firm of hosting sites where the compromised data was available.


According to the court order, Star Health claims that confidential customer information has been leaked through Telegram’s platform. 


The case was made public in a newspaper ad in The Hindu on Thursday, marking the first time the company disclosed details of the lawsuit.


Both Telegram and Cloudflare have been issued notices, with the case scheduled for a hearing on October 25. The lawsuit seeks to restrain Telegram and Cloudflare from using Star Health’s trade name or disseminating any of the stolen data.


Telegram’s Chatbot Problem


The ability to create chatbots on Telegram has contributed to the platform’s massive growth, boasting 900 million monthly active users. However, the recent data leaks have raised concerns about the misuse of such features. 


Earlier reports identified an individual, using the alias xenZen, as the hacker behind the leaks. Medical reports and other sensitive data of Star Health policyholders were made accessible on Telegram, sparking security concerns. 


Though Star Health initially stated that there was no widespread data breach, chatbots distributing claim documents and personal information were discovered. Reuters was able to download over 1,500 files containing sensitive customer data.


Telegram acted swiftly, removing the chatbots after being alerted by Reuters, though new ones soon reappeared. Star Health has also named xenZen in the lawsuit, with the hacker indicating a willingness to attend court hearings remotely if allowed.