Trick 1- Data Breach and Unauthorized Disclosure
- Attackers exploit system vulnerabilities to gain unauthorized access to an insurance company’s database.
- Sensitive customer data (personal details, medical records, policy information, etc.) is stolen.
- The stolen data is leaked online or used for extortion (ransom demands).
- Example:Star Health Insurance Data Breach (2024), Policybazaar Data Breach (2018).
1. Star Health Insurance Data Breach (2024)
Steps of the Fraud:
- Unauthorized Access:
- Hackers infiltrated Star Health Insurance’s systems, accessing sensitive customer data, including personal details and medical records.
- Data Leak via Telegram:
- The stolen data, amounting to 7.24 terabytes related to over 31 million customers, was disseminated through Telegram chatbots, making it publicly accessible.
- Company Response:
- Star Health reported the breach to local authorities, asserting that a preliminary check showed no major compromise and that their sensitive data remained secure.