In a shocking privacy breach, customer data, including sensitive medical records from India’s largest health insurer, Star Health, has been made publicly accessible through Telegram chatbots, according to a report by Reuters. This incident follows allegations against Telegram’s founder for enabling criminal activities on the platform.
A security researcher informed Reuters about a user, known as “xenZen,” who claims to be selling private data of millions. The chatbots allow users to request samples of this stolen data, which includes names, phone numbers, addresses, tax details, ID copies, medical test results, and diagnoses.
Star Health and Allied Insurance, valued at over $4 billion, confirmed that they have reported the unauthorized access to authorities, stating their initial assessment showed “no widespread compromise” and that “sensitive customer data remains secure.” However, Reuters was able to download multiple policy and claims documents via these chatbots, raising significant concerns about the integrity of data protection measures.
Telegram’s chatbot feature, while widely popular with 900 million users globally, has come under increased scrutiny following the recent arrest of its founder, Pavel Durov, in France, amid questions about the platform’s content moderation and potential misuse.
