Telegram used to leak medical data
A hacker known as xenZen claims responsibility for leaking over 7 terabytes of data from Star Health via Telegram chatbots.
Data from millions of Star Health customers, including sensitive medical information, is being accessed and sold via Telegram chatbots. The breach comes just weeks after Telegram’s founder was criticised for failing to prevent criminal activity on the platform. The hacker responsible claims to possess data from over 31 million customers, with some available for free through the chatbots and bulk data offered for sale.
Star Health, one of India’s largest health insurers, stated that it has reported the breach to local authorities but reassured customers that sensitive data remains secure. Initial assessments revealed no evidence of a widespread compromise, despite reports of leaked documents including medical diagnoses, tax details, and ID copies.
Telegram’s role in enabling chatbots has made it one of the most popular messaging apps globally, with over 900 million users. However, security concerns continue to grow, particularly following the recent arrest of its founder in France. While Telegram denies any wrongdoing, it faces mounting pressure over its moderation policies.
The hacker, who operates under the alias xenZen, claimed responsibility for creating the chatbots and for holding 7.24 terabytes of data. UK-based researcher Jason Parker, who discovered the breach, revealed that the stolen data has been accessible since early August, with the chatbots distributing small samples for free.