Hacker Uses Telegram Chatbots To Leak Data Of Indian Insurer Star Health

Stolen customer data, including medical reports from India's largest health insurer, Star Health, is publicly accessible via chatbots on Telegram, just weeks after Telegram's founder was accused of allowing the messenger app to facilitate crime, Christopher Bing and Munsif Vengattil reported for Reuters.

The ability for users to create chatbots is widely credited with helping Dubai-based Telegram become one of the world’s largest messaging apps.

The purported creator of the chatbots told a security researcher, who alerted Reuters to the issue, that private details of millions of people were for sale, with samples viewable by asking the chatbots to divulge.

Star Health and Allied Insurance, whose market capitalization exceeds $4 billion, stated to Reuters that it had reported the alleged unauthorized data access to local authorities.

The company’s initial assessment indicated "no widespread compromise" and asserted that "sensitive customer data remains secure."

Using the chatbots, Reuters was able to download policy and claims documents featuring names, phone numbers, addresses, tax details, copies of ID cards, test results, and medical diagnoses.

The ability for users to create chatbots is widely credited with helping Dubai-based Telegram become one of the world’s largest messaging apps, boasting 900 million active monthly users.

However, the recent arrest of Russian-born founder Pavel Durov in France has heightened scrutiny of Telegram’s content moderation and features that may be misused for criminal purposes. Durov and Telegram denied any wrongdoing and are working to address the criticism.