Exclusive-Star Health hacker says they sent death threats, bullets to India executives
NEW DELHI (Reuters) -The hacker who leaked sensitive personal data held by Indian health insurer Star Health last year has taken responsibility for sending death threats and bullets to the company's chief executive and finance head.
The hacker, who goes by the alias "xenZen", described their reprisals against Star Health and Allied Insurance Company in a March 31 email to Reuters. The news agency is reporting them for the first time.
Star Health, India's biggest health insurer, has faced criticism from customers and data security experts since Reuters reported last September that xenZen had leaked sensitive client data, including medical reports. At the time, xenZen told Reuters in an email they possessed 7.24 terabytes of data related to over 31 million Star Health customers and was speaking to potential buyers for the data.
The news agency hasn't independently confirmed the identity or location of xenZen, the accuracy of the facts laid out in the March 31 email or the hacker's motive for targeting Star Health and its executives, which the email ascribed to the company's denial of medical claims to certain customers.
In response to questions from Reuters, Star Health's chief legal officer said in a statement the company could not comment "due to an ongoing, highly sensitive criminal investigation" related to its data leak.
XenZen said they had concealed bullet cartridges in two packages sent to Star Health's head office in the southern Indian city of Chennai, in Tamil Nadu state, in February.
The email included photographs that showed the packages addressed to Chief Executive Anand Roy and Chief Financial Officer Nilesh Kambli and a note inside which read: "next one will go in ur and ur peoples head. tik tik tik."
Roy did not respond to a phone call requesting comment, while Kambli told Reuters Star Health's public relations team would respond on his behalf. The company did not respond to further requests for comment.
The New Indian Express on Saturday reported that police in Tamil Nadu were investigating the threats and had linked them to xenZen.
Tamil Nadu police did not respond to Reuters queries.
Three Indian police sources confirmed an investigation was underway. They declined to be named as the matter is confidential.
One police source said a man from the neighbouring state of Telangana, who the source did not name, has been arrested in recent days for allegedly helping courier the packages to Star Health on behalf of xenZen.
Reuters was unable to identify the individual or the status of his detention.
Globally, health care companies have been reassessing the risks for their top executives after UnitedHealthcare Chief Executive Brian Thompson was murdered in a targeted attack in December. The killing also called fresh attention to deepening patient anger over health insurance.
In the March 31 email to Reuters, xenZen referred to the killing of Thompson and said the death threats to the Star Health executives were sent after the hacker was contacted for help by customers of Star Health who had been denied claims on medical bills despite coverage plans with the company.
Star Health did not comment on what xenZen described as their motive, the claims of dissatisfied customers being denied or the police investigation into the threats.
Star Health launched internal investigations into last year's data leak, which the company said followed a ransom demand of $68,000 from the hacker.
Star Health last September sued xenZen and messaging app Telegram for hosting the sensitive customer data on its chatbots, court papers show. The chatbots hosting the stolen data have since been deleted and the case is ongoing.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Time Business News
an hour ago
- Time Business News
Pilots' grouping ALPA-India mulls legal course to be part of Air India plane crash probe
Mumbai, Jul 13 (PTI) Pilots' grouping ALPA-India on Sunday said it is mulling legal recourse to have its members as part of the investigation into the Air India's Boeing 787-8 plane crash, a day after alleging that AAIB's preliminary report suggests a bias towards pilot error. The Airline Pilots' Association of India (ALPA-India) represents over 800 pilots of airlines and helicopter companies in the country. It is a member of the International Federation of Airline Pilots' Association (IFALPA), which claims to have 1 lakh pilots from across 100 countries as its members. Against the backdrop of the AAIB's preliminary report, representatives of ALPA-India will meet officials of the Directorate General of Civil Aviation (DGCA) on Monday to discuss various issues. 'The preliminary report by the AAIB has been put up on the website. It does not have anyone's signature on it. We want transparency. We had asked for our representation in the investigation panel,' ALPA-India President Sam Thomas told PTI. Thomas stressed that its members have domain expertise and can contribute meaningfully in the investigation of the Air India plane crash. The association is mulling legal recourse to ensure that its members are made a part of the investigation team. His comments come at a time when people from certain quarters are opining that fuel switches could have been cut off by a pilot, a proposition that has been strongly rejected by pilots' groupings. The Aircraft Accident Investigation Bureau (AAIB) in its preliminary report on the crash that killed 260 people on June 12 said the fuel switches to the engines were cut off within a gap of 1 second immediately after takeoff and caused confusion in the cockpit of Air India flight AI 171. India's second largest airline by domestic market share, Air India is owned by the Tata Group. Citing cockpit voice recording, the 15-page preliminary report, released on Saturday, said one pilot asked why the switch was cut off and the other pilot responded that he did not do so. 'We are once again surprised at the secrecy surrounding these investigations. We are also reiterating the fact that suitably qualified personnel are not taken on board for these crucial investigations,' ALPA-India said in a statement on Saturday. 'We feel that the investigation is being driven in a direction presuming the guilt of pilots and we strongly object to this line of thought,' it had said. Last month, IFALPA offered its 'technical expertise' to the Indian civil aviation authorities in the Ahmedabad plane crash probe being conducted by the AAIB. In a letter to AAIB Director General G V G Yugandhar, the federation had said it was ready to provide expert technical and other forms of assistance, share global best practices and offer personnel to collaborate closely with the investigators. A five-member team appointed by the AAIB is probing the crash, which is also the first where a Boeing 787 Dreamliner accident resulted in hull loss. 'Experienced pilots, engineers, aviation medicine specialist, aviation psychologist and flight recorder specialists have been taken on board as subject matter experts to assist the investigation in the area of their domain expertise,' AAIB said in the preliminary report. (This story has not been edited by TIMEBUSINESSNEWS and is auto-generated from PTI) Author Credits TIME BUSINESS NEWS
Yahoo
3 hours ago
- Yahoo
Medicare data breach exposes 100,000 Americans' info
Healthcare data continues to be a top target for cybercriminals. In June alone, two major breaches compromised over 13 million patient records. Now, a newly confirmed Medicare data breach has affected more than 100,000 Americans. The Centers for Medicare & Medicaid Services (CMS) sent letters this week to those affected, confirming that hackers accessed sensitive data linked to accounts. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide — free when you join my Over 8M Patient Records Leaked In Healthcare Data Breach The breach traces back to suspicious activity starting in late 2023. According to CMS, cybercriminals used stolen personal data from external sources to fraudulently create accounts. That information included: Read On The Fox News App Full names Dates of birth ZIP codes Medicare Beneficiary Identifiers (MBIs) Medicare coverage details CMS began receiving alerts in May 2025 when people reported receiving account confirmation letters for accounts they had not created. This triggered an internal investigation. Hackers not only created unauthorized accounts but, in some cases, accessed additional sensitive data such as: Home addresses Provider and diagnosis codes Services received Plan premium details CMS has deactivated all affected accounts and is mailing new Medicare cards to the estimated 103,000 individuals affected. The agency says no confirmed identity theft cases have been reported yet. CMS stressed the action is being taken out of "an abundance of caution," but the breach raises questions about federal cybersecurity safeguards. If you're one of the people affected by the Medicare data breach: Watch your mailbox for a replacement Medicare card Monitor your account for suspicious activity Report unauthorized services or charges immediately CMS is still investigating how the attackers obtained such accurate personal data and whether more individuals may be at risk. What Is Artificial Intelligence (Ai)? So far, CMS has not identified the attackers. However, the use of valid personal information suggests that the hackers may have obtained data from prior breaches or leaks on other platforms. This breach reveals a troubling vulnerability in the federal healthcare system, where hackers can exploit existing data to create legitimate-looking accounts and access deeply personal medical information. Here are five important steps you can take right now to protect your Medicare information and reduce your risk of identity theft after the breach. Regularly check your Medicare and healthcare accounts for changes you did not make. Be cautious of unfamiliar services, charges or communications from providers you don't recognize. In light of the Medicare data breach, where bad actors used valid personal details to create fake accounts, enrolling in a trusted identity theft protection service can offer an extra layer of defense. These services monitor your Social Security number, email, phone number and other sensitive data to alert you if it's being sold on the dark web or used to open fraudulent accounts. Many top-rated services also help you freeze your credit and bank accounts and offer expert support if your identity is compromised. My top pick includes up to $1 million in identity theft insurance to cover stolen funds and legal fees, plus access to a U.S.-based fraud resolution team that helps you recover faster. See my tips and best picks on how to protect yourself from identity theft at Never share your Medicare number or card details with anyone over the phone or email, unless you initiated the contact and trust the source. Treat it like a credit card. If you believe your information is being misused, remove it from the internet. A personal data removal service can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting a free scan to find out if your personal information is already out on the web: If you notice suspicious activity, report it directly by calling 1-800-MEDICARE (1-800-633-4227) to report Medicare fraud. Also, file a report at to create a recovery plan with the Federal Trade Commission (FTC). This not only helps you recover faster but also contributes to broader investigations that protect others. This Medicare breach may not have resulted in confirmed cases of identity theft so far, but that does not mean the situation should be taken lightly or dismissed as low risk. It took malicious actors less than two years to create over 100,000 fake Medicare accounts using valid personal information, which suggests a significant weakness in how sensitive data is being protected and monitored at the federal level. Do you think healthcare organizations are doing enough to protect your data? Let us know by writing us at Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide — free when you join my Copyright 2025 All rights article source: Medicare data breach exposes 100,000 Americans' info
Yahoo
7 hours ago
- Yahoo
Oscar Health (OSCR) Loses 12.7% as Wells Fargo Downgrades Stock
Oscar Health, Inc. (NYSE:OSCR) is one of the Oscar Health declined by 12.7 percent week-on-week as investor sentiment was dampened anew by another rating downgrade for its stock. Last week, Wells Fargo lowered its stock rating and price target for Oscar Health, Inc. (NYSE:OSCR) to 'underweight' from 'equal weight' and to $10 from $16 previously, amid concerns about rising medical costs and inadequate pricing for 2025. The new price marked a 30.4-percent downside from its latest closing price of $14.38. This followed Barclays' first coverage of Oscar Health, Inc. (NYSE:OSCR) on July 2, assigning the firm with an 'underweight' rating but with a price target higher than Wells Fargo's, of $17 apiece. A close up of a patient and a healthcare professional engaging in conversation, showing the company's commitment to patient care. According to Barclays, its coverage reflected policy risks that could derail the insurer's ambitious margin and growth targets. It can be recalled that Oscar Health, Inc. (NYSE:OSCR), under new leadership, set a goal of more than $2.25 earnings per share by 2027. While we acknowledge the potential of OSCR as an investment, our conviction lies in the belief that some AI stocks hold greater promise for delivering higher returns and have limited downside risk. If you are looking for an extremely cheap AI stock that is also a major beneficiary of Trump tariffs and onshoring, see our free report on the . READ NEXT: 30 Stocks That Should Double in 3 Years and 11 Hidden AI Stocks to Buy Right Now. Disclosure: None. This article is originally published at Insider Monkey. Sign in to access your portfolio
