Hacker behind Star Health breach claims threats to India executives

The hacker behind Star Health's data breach says they sent bullets and threats to top executives over denied claims

The hacker behind last year’s major data breach at Star Health and Allied Insurance Company has claimed responsibility for sending death threats and bullets to the health insurer's top executives.

 

In a March 31 email to Reuters, the hacker — who uses the alias ‘xenZen’—said they mailed two packages containing bullet cartridges to Star Health’s Chennai headquarters. The packages were addressed to Chief Executive Officer (CEO) Anand Roy and Chief Financial Officer (CFO) Nilesh Kambli, and included a note that read: “Next one will go in ur and ur peoples head. tik tik tik.”

 

The same hacker had previously claimed responsibility for leaking 7.24 terabytes of customer data from Star Health, including sensitive medical records, affecting more than 31 million people. In a 2024 email to Reuters, xenZen said they were seeking buyers for the stolen data. 

The hacker reportedly said they acted after being contacted by Star Health customers who claimed their medical insurance claims were denied despite having valid coverage. 

 

When contacted by the news agency, Star Health’s chief legal officer said the company could not comment “due to an ongoing, highly sensitive criminal investigation.” CEO Anand Roy did not respond to calls, while CFO Nilesh Kambli directed inquiries to the company’s public relations team. The company issued no further response. 

According to a report in The New Indian Express on Saturday, Tamil Nadu police are investigating the threats and have linked them to xenZen. Three law enforcement sources also confirmed that an active investigation is underway. 

One police official said a man from Telangana was recently arrested for allegedly helping courier the packages to Star Health on behalf of xenZen. 

Star Health has previously confirmed it launched an internal investigation following the 2023 data leak. At the time, the company said it received a ransom demand of $68,000 from the hacker. 

ALSO READ: Unidentified men hacked credit card details of a doctor: How to stay safe?

 

In September 2024, Star Health filed a lawsuit against xenZen and messaging platform Telegram, accusing them of distributing the stolen data via chatbots. Court documents show the chatbots have since been taken down. The legal proceedings are ongoing. 

In the March 31 email, xenZen also referenced the December 2024 murder of UnitedHealthcare CEO Brian Thompson, which sparked global concerns over the safety of health insurance executives. The hacker said the threats against Star Health were motivated by similar frustrations from policyholders.

 

(With Reuters inputs)  

  ALSO READ: Unidentified men hacked credit card details of a doctor: How to stay safe?