India's Star Health says it received $68,000 ransom demand after data leak
Star, which has a roughly $4 billion market cap, is battling a reputational and business crisis since Reuters reported on Sept. 20 that a hacker had used Telegram chatbots and a website to leak customers' sensitive data, including tax details and medical claim papers
Star Health India's biggest health insurer, on Saturday said it had received a ransom demand of $68,000 from a cyberhacker in connection with a leak of customer data and medical records.
Star, which has a roughly $4 billion market cap, is battling a reputational and business crisis since Reuters reported on Sept. 20 that a hacker had used Telegram chatbots and a website to leak customers' sensitive data, including tax details and medical claim papers.
The company, whose shares have declined 11%, has launched internal investigations and has taken legal action against Telegram and the hacker, whose website continues to share samples of Star customers' data.
Star, which has previously said it is a "victim of a targeted malicious cyberattack", on Saturday revealed for the first time that in August "the threat actor demanded a ransom of $68,000 in an email" addressed to the company's managing director and its chief executive.
The statement came after Indian stocks exchanges sought clarifications from Star on a Friday over a Reuters report that the company was investigating allegations that its chief security officer was involved in the data leak.
Star reiterated on Saturday it has found no wrongdoing by the official, Amarjeet Khanuja, though the internal investigation is ongoing.
Telegram has declined to share the account details or permanently ban accounts linked to the hacker - an individual dubbed xenZen - "despite multiple notices issued in this regard," Star said on Saturday.
Star said it has "sought the assistance" of Indian cyber security authorities to "help us identify" the hacker.
Telegram did not respond to a request for comment.
The Dubai-based messenger app has previously said it removed the chatbots when Reuters flagged them to the platform.