Hackers steal customer data from insurance company: Madras High Court restrains Telegram, Cloudflare

Justice Senthilkumar Ramamoorthy restrains Telegram Messenger and Cloudflare from allowing the messaging service and the IT management services company to be used by the hackers to share or sell the stolen data

The Madras High Court has restrained Telegram Messenger and Cloudflare, an Information Technology management services company, from allowing the messaging service and the IT management services company to be used by unethical hackers to share or sell sensitive customer data allegedly stolen from the computer systems of Chennai-based Star Health and Allied Insurance Company Limited.

Justice Senthilkumar Ramamoorthy also restrained the popular messaging service platform and the IT management services company from permitting themselves to misuse the registered trade names Star, Star Health, Star Health Insurance, their logo and domain name www.starhealth.in, or any permutations or combinations thereof.

The interim injunctions were granted pursuant to a civil suit filed by the insurance company. Representing it, senior counsel Krishna Srinivasan told the court that the plaintiff was a licensed standalone health insurer, which had tied up with 14,000 network hospitals and had around 1.35 crore customers (through both retail as well as corporate channels) since its inception.

Recently, highly confidential and sensitive data related to the insurance company, its customers, and employees was illegally and unethically hacked by a group that identified itself as xenZen. The stolen data included health insurance policy details, claims and related documents, and other personally identifiable information of the customers.

The hackers sent mails to the insurance company on August 8 and August 10, threatening to disseminate the stolen data if their monetary demands were not met. When the insurance company did not budge to the illegal demands, the hackers began disseminating the sensitive private data through Telegram bots and websites created using Cloudflare, Mr. Srinivasan said.

Every time the insurance company reported the issue to Telegram Messenger and made the latter delete the bots, the hackers continued to create new bots. Similarly, they also came up with multiple websites, such as starheathleak.in, starhealthscam.in, and starhealth.lol, to sell the data. The insurance company took greats pains to ensure that those websites were taken down, he added.

In the meantime, a criminal complaint was also lodged with the cyber crime cell of the Greater Chennai City police on August 13. Thereafter, the plaintiff wrote to Telegram seeking details of the accounts from which the bots were being created, so that it would be helpful for the cyber crime police to trace the hackers. However, there was no response, the senior counsel complained.

He said the hackers had also created a website titled www.starhealthleak.com and hosted it behind the content delivery network of Cloudflare which hides the IP address of the hosting website and thereby, makes it impossible to take it down through normal channels. “This causes grave prejudice to the interests of the millions of individual customers of the plaintiff,” the counsel added.

He highlighted the need for the court to intervene and restrain Telegram Messenger as well as Cloudflare . Since the interim injunction had been sought against the unknown hackers identified as xenZen too, the judge ordered publication of a notice in the all-India edition of The Hindu, informing that the case would be heard next on October 25.

Published - September 26, 2024 04:55 pm IST