Star Health sues Telegram after data leak

Star has also sued U.S.-listed software company Cloudflare Inc in the lawsuit, saying the leaked data on websites were hosted using its services

Top Indian insurer Star Health has sued Telegram and a self-styled hacker after reports that the hacker was using chatbots on the messaging app to leak personal data and medical reports of policy holders.

The lawsuit comes amid scrutiny of Telegram and the arrest of its founder Pavel Durov in France last month, with the app’s content moderation and features allegedly abused for illegal activities. Durov and Telegram denied wrongdoing and are addressing the criticism.

Star has received a temporary injunction from a court in its home state of Tamil Nadu ordering Telegram and the hacker to block any chatbots or websites in India that make available the data online, as per a copy of the order.

Star has also sued U.S.-listed software company Cloudflare Inc in the lawsuit, saying the leaked data on websites were hosted using its services.

Confidential and personal data of customers and of the plaintiff’s business activities in general has been hacked and leaked by using the platform (of Telegram), the Madras High Court order dated September 24 quoted Star as saying.

Star, a listed entity with a market cap exceeding $4 billion, made details of the lawsuit public for the first time in a newspaper advertisement in The Hindu on Thursday.

The court has issued notices to Telegram as well as Cloudflare in the matter, and will next hear the case on October 25.

The newspaper advertisement by Star stated the firm had asked for injunction restraining Telegram and Cloudflare from using the trade name “Star Health” or making available any of its data online.

The ability for users to create chatbots is widely credited with helping Dubai-based Telegram become one of the world’s biggest messenger apps with 900 million active monthly users.

Reuters last week reported that an individual dubbed xenZen had made stolen data including medical reports of Star customers publicly accessible on Telegram.

Star had earlier said its initial assessment showed “no widespread compromise” was detected and that “sensitive customer data remains secure”.

Two chatbots distributed Star Health data. One offered claim documents in PDF format. The other allowed users to request up to 20 samples from 31.2 million datasets with a single click giving details including policy number, name and even body mass index.