A few days back India’s most massive hack took place when Star Health Insurance faced a data breach in which as per the threat actor data related to over 31 million customers that included customers’ names, PAN numbers, mobile numbers, email addresses, birthdates, residential addresses, policy numbers, details of pre-existing conditions, health card numbers and other confidential records was stolen and was also said to be listed for sale.

Shockingly the hacker also claimed that Star Health Chief Information Security Officer (CISO) Amarjeet Khanuja sponsored the data leak by purportedly selling the information directly. This data breach sparked significant concerns over data protection and security in the country. Star Health Insurance has finally decided to break its silence on this issue and has issued an official statement regarding this data breach.

Star Health Insurance Issues An Official Statement

As per the statement, “Star Health is carrying out an investigation with regard to unauthorized access by an unknown person or group of persons (Threat Actor or TA) to certain customer data. A thorough investigation by independent cyber security experts was immediately initiated and is underway. We have also reported the incident to all relevant regulatory agencies including the Computer Emergency Response Team (CERT-In) and the IRDAI on 14 August 2024. Separately, we have filed a Complaint before the Commissioner of Police, Chennai on 14 August 2024 based on which a First Information Report (FIR) was registered by the Tamil Nadu Police Cyber Crime Cell on 23 September 2024 reporting the incident, as well as a civil suit on 22 September 2024 before the Hon’ble Madras High Court, which in its order dated 24 September 2024 has, inter alia, directed all third parties, including persons unknown, to disable access to the relevant information. The incident involved a series of emails received by Star Health senior executives, in which the Threat Actor claimed unauthorized and illegal access to the customer confidential data and demanded a ransom amount of USD 68,000. Based on ongoing investigations, the Threat Actor appears to have used bots to purportedly share customer sensitive information through Telegram (the social media and messaging platform) and certain websites. ”

The company has also shared the list of events in chronological order about this matter as per which it took various actions against the threat actor and Telegram Bots to stop the stolen data from being leaked.

Talking about the current status of this issue, company has clarified that they have taken all measures to secure their system by exercising additional controls while they have also informed and south the assistance of the Tamil Nadu Cyber Security Authorities to help the company identify the threat actor.

Below are the strategies used by Star Health to protect the privacy and interests of Policyholders

• FIR filed with TN Cyber Police on 23 September 24 against the entities involved in carrying out this incident and investigations are underway. Attached for reference.
• The Honorable High Court of Madras has issued injunction dated 24 September 24 in a civil suit filed by Star Health against Telegram, Cloudflare, XenZen and Unknown Adversaries, inter alia, to prevent the leak, dissemination, and sale of sensitive data. Attached for reference.
• A comprehensive independent forensic investigation, led by cyber security experts, is in progress and will be concluded before the end of October.
• All identified preventive and proactive measures communicated to concerned stakeholders to contain the incident and further strengthen the information technology (IT) and digital landscape with action plan and timelines.
• Star Health is keeping the regulator IRDAI and its Board of Directors updated on all developments and seeking their guidance.
• Core Crisis Committee working closely with media and regulatory authorities to minimize the reputational impact.
• Star Health has released a media statement on 9 October 2024 providing assurance to their customers.

The post Star Health Issues An Official Statement On The Star Health Insurance Data Breach Controversy appeared first on The Tech Outlook.

Following the lawsuit that Star Health had filed against Telegram and an unknown hacker two weeks ago and amidst the arrest of Telegram Founder and CEO Pavel Durov, a massive data breach has taken place in the country. The name of Star Health and Allied Insurance Co. Ltd. has again made the news and this time, the hacker who is responsible claims that the data was allegedly sold by a senior executive of the company.

Read more about the news below.

Star Health Data Breach – One of India’s Massive Data Breaches

While it is still unclear whether the hacker responsible for this current data breach is the same hacker that Star Health sued two weeks back or not, via the website that has been created now, over 31 million personal data of Star Health customers is at risk. The hacker who has been identified as ‘xenZen’ has listed the entire data set on the website for $150,000 and as smaller batches of 100,000 entries for $10,000 each. 500 data samples have also been provided on the website.

Identity thefts, phishing attempts, targeted scams, financial fraud, account takeover, extortion, and hacking of other related accounts are all some serious consequences that can happen due to such a data leak.

What is more shocking is that, this time, the name of a Senior Star Health Executive has also been linked to the data breach as the hacker claims that the data was sold to him by this person. The hacker also adds that more money was later demanded for backdoor access to information.

An ongoing investigation is currently taking place and the company acknowledged that it was the victim of this cyber attack. The investigation being led by independent cyber security experts, closely working with government and regulatory authority, is duly being reported to the insurance and cyber security regulatory authorities of the country. The company has also approached the Madras High Court regarding the matter as well.

Star Health also adds that Amarjeet Khanuja, the Senior Vice President and Chief Information Security Officer of Star Health, and the accused senior executive, has been cooperating well with the investigation and so far nothing has been found to prove his involvement in the matter. It should also be noted that the operations of the company will not be affected and all services will be provided to customers without any disruptions.

The post Star Health Massive Data Breach Shocks the Country: Over 31 Million Customer Data Leaked appeared first on The Tech Outlook.

Shocked reading the headline? Well anyone would be, as due to the onion scams and threat to privacy due to smartphones, users try to be more careful and aware before giving access to permissions like location being tracked, or some files being shared with an app or website.

A report by Cybernews today has alarmed the people online. In their latest research, the publication has found out that Google tracks your location every 15 minutes even with GPS disabled. Cybernews researchers took the latest Pixel 9 Pro XL smartphone with a new Google account and default settings to focus on what all a new smartphone sends to the company. Researchers used a man-in-the-middle approach to intercept the traffic between the smartphone and Google’s servers.

As per Aras Nazarovas, a security researcher at Cybernews, “Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks.”

It was also revealed that the phone constantly requests experiments and configurations tries accessing the stain environment, and connects to device management and policy enforcement endpoints, suggesting Google’s remote control capabilities. Pixel devices also connected to services that were not used, nor explicit consent was given, such as Face grouping endpoints, causing privacy and ownership concerns while the calculator app, in some conditions, also leaked calculation history to unauthenticated users with physical access.

The device sent potentially excessive and sensitive data that includes the number of times the device was restarted, time elapsed since powering on, and a list of apps installed on the device, including sideloaded ones.

All these points raised concerns about eroding user privacy and control. However other than the company’s servers, the data was not shared to any other third-party app.

Cybernews reached out to Google with these findings to which the company explained that core Play services enable key functionality on every certified Android device. Everyone can check what data is collected. It is revealed that data transmissions are needed for legitimate services regardless of the device model, manufacturer, or even OS.

The post Google Tracks Your Location Every 15 Minutes Even When GPS Disabled: Claims Report appeared first on The Tech Outlook.

Amazed reading the headline? Well obviously, as its not every day that we hear that a hacker is being honored for hacking a company’s system. A user named @7h3h4ckv157 on the X platform has shared today that he has hacked the NASA system for the second time and has also shared the security vulnerabilities directly with NASA. For this, the user has now been honored by NASA with an appreciation letter.

I Hacked @NASA (again) and reported some vulnerabilities to them. Just today, I received this appreciation letter from them after they patched the loopholes! pic.twitter.com/t4w92culxK

— 7h3h4ckv157 (@7h3h4ckv157) September 26, 2024

The letter was signed by Mark Witt, NASA’s Chief Information Officer it stated, “On behalf of the National Aeronautics and Space Administration and NASA’s Vulnerability Disclosure Policy (VDP), we would like to recognize your efforts as an independent security researcher, both in identifying the vulnerability you submitted and for following NASA’s VDP policy and guidelines in responsibly reporting this to us.”

It also stated that the reporting of the vulnerabilities has facilitated the awareness of NASA of the unknown vulnerabilities in its security. As per the user, this appreciation letter was received by him after NASA successfully patched the loopholes.

The post NASA Honors A Hackers Contribution By Sending An Appreciation Letter After Vulnerability Report appeared first on The Tech Outlook.

In recent developments, two major Indian telecom providers have announced AI-powered solutions aimed at enhancing digital security and combating unwanted communications. Airtel led the charge with its spam detection tool, followed by BSNL’s announcement of an upcoming anti-scam solution.

Airtel’s AI-Powered Spam Detection Tool

On September 25, Bharti Airtel launched an AI-powered spam detection tool. The system is designed to flag suspected spam calls and messages in real-time for Airtel users. According to the company, the tool is automatically activated for all subscribers at no additional cost. It employs a proprietary algorithm to classify communications as “Suspected SPAM” by analyzing various parameters such as caller usage patterns, call frequency, and duration. This data is then cross-referenced with known spam patterns for identification.

Airtel’s Managing Director and CEO, Gopal Vittal, commented on the launch, stating, “Spam has become a menace for customers. We have spent the last twelve months to solve this comprehensively. Today marks a milestone as we launch the country’s first AI-powered spam free network that will shield our customers from the continuous onslaught of intrusive and unwanted communications.”

BSNL’s Upcoming AI/ML Solution for Scam Prevention

Following Airtel’s initiative, BSNL (Bharat Sanchar Nigam Limited) has now revealed its own plans in the AI space. In a post on X (formerly Twitter), the state-owned telecom company announced: “Good news! We’ve cracked it. A breakthrough AI/ML-powered solution is in its final stage, designed to identify, neutralize & eliminate scams before they reach you. The future of digital security is #ComingSoon. Big reveal at India Mobile Congress 2024.”

Good news! We’ve cracked it. A breakthrough AI/ML-powered solution is in its final stage, designed to identify, neutralize & eliminate scams before they reach you. The future of digital security is #ComingSoon.
Big reveal at India Mobile Congress 2024.#BSNL #BSNLAntiSpamNetwork pic.twitter.com/XBZCn25kzS

— BSNL India (@BSNLCorporate) September 26, 2024

The post After Airtel’s AI Spam Blocker, BSNL Announces Upcoming Anti-Scam Solution appeared first on The Tech Outlook.

In a startling cybersecurity breach, renowned Indian YouTuber Ranveer Allahbadia fell victim to a sophisticated hacking attack on Wednesday night. Both of Allahbadia’s YouTube channels, including his popular ‘Beer Biceps’ channel, were compromised in an incident that has raised alarm bells about the vulnerability of high-profile social media accounts.

The hackers took control of Allahbadia’s ‘Beer Biceps’ channel, renaming it to “Tesla” and altering its handle to “@Elon.trump.tesla_live2024”. In a similar vein, his personal channel was rebranded as “@Tesla.event.trump_2024”. In a move that has shocked fans and fellow content creators alike, the cybercriminals proceeded to delete all existing interviews and podcasts from both channels.

The deleted content was replaced with older streams featuring high-profile figures such as Elon Musk and Donald Trump. The hackers then employed a particularly cunning tactic, using an AI-generated avatar of Elon Musk in a livestream to perpetrate a cryptocurrency scam. This digital doppelganger urged viewers to invest in cryptocurrency, falsely promising to double their returns if they deposited Bitcoin or Ethereum on a suspicious website, elonweb.net.

Cybersecurity experts have identified this as a “Bitcoin doubling” scam, a common method employed in attacks targeting prominent social media accounts. This incident is reminiscent of past high-profile hacks, such as the 2024 breach of McDonald’s Instagram account. In that case, hackers promoted a fake cryptocurrency called ‘GRIMACE,’ named after the company’s purple mascot, reportedly earning $700,000 before the scam was detected and shut down.

In response to the breach, YouTube has taken the drastic step of removing both of Allahbadia’s channels from its platform. Users attempting to access the channels are now met with a message stating, “This page isn’t available. Sorry about that. Try searching for something else.”

The post Popular YouTuber Ranveer Allahbadia’s Channels Hacked in Cryptocurrency Scam appeared first on The Tech Outlook.

There have been numerous reports on data and security breaches of global and Indian users over the past few years. Now we have one more such report which reveals the name of a few Indian websites that reveal the private credentials of its users. @deedydas has today revealed on the X platform that many Indian websites have atrocious web security.

Many Indian websites have atrocious web security.

If you google "index of aadhar card" or pan card, you can find 1000s of exposed private credentials.

If "Options +Indexes" is set on an Apache server, users can browse files.

This is from Indian Aerospace and Engineering: pic.twitter.com/YIpC1b2nn2

— Deedy (@deedydas) September 24, 2024

Among these websites include Indian Aerospace and Engineering, Star Kidz, and Genefied AI. He has shared that if you Google Index Of Aadhaar Card or Pan Card you can find 1000s of exposed private credentials. If Options + Indexes is set on an Apache server, users can also browse the files.

One of the users questioned @deedydas on why he is sharing this on the X platform as people who are unaware would also know to which he replied that they should know to be aware.

The first screenshot shared is of The Indian Aerospace and Engineering while next is The Star Kidz website that reveals the details of children.

This an entire kindergarten called The Star Kidz pic.twitter.com/rUWJWEmOMc

— Deedy (@deedydas) September 24, 2024

There is also a startup company called Genefied AI which is revealed to claim AI-driven loyalty between brands and consumers but funnily reveals the Pan Card details of its users.

This is a startup called Genefied AI which claims to do "AI-Driven Loyalty Between Brands and Consumers" pic.twitter.com/4dY1xys43l

— Deedy (@deedydas) September 24, 2024

Well Aadhaar data and PAN card details that were supposed to be secure and not to be revealed to anybody are now revealed by these websites to almost all the users causing a risk to the privacy of users.

The post Privacy At Risk: Many Indian Websites Expose Private Credentials Of 1000s Of Users appeared first on The Tech Outlook.

Update on 14th September 2024: Motorola seems to have gained access back to its X account and has deleted that post.

For those who remember, a few weeks ago, McDonald’s Instagram account was hacked, leading to a million-dollar crypto phishing scam.

It now seems that Motorola’s official X (formerly Twitter) account has been compromised. A post has appeared from the brand’s official handle promoting a cryptocurrency.

Introducing $BERRY on Solana the next 100x gem!

CA: 6V5javYTHoxRKMvugNV1AoSYjUerwM9FqTjqeRmZS9TJ

Let's pump this together!

— motorola (@Moto) September 14, 2024

the post reads “Introducing $BERRY on Solana the next 100x gem!

CA: 6V5javYTHoxRKMvugNV1AoSYjUerwM9FqTjqeRmZS9TJ

Let’s pump this together!”

So users are advised not to deposit any funds in this crypto.

It has been nearly two hours, and it seems Motorola still hasn’t regained control of its X account. We will update this story as soon as there are any further developments.

The post [Update- resolved]Motorola’s X Handle Falls Victim to Crypto Phishing Scam appeared first on The Tech Outlook.

A few days back Google introduced its Google One Lite subscription in India that was for users who wanted more storage but at a lower price. Apart from this new subscription plan, Google has also started rolling out new safety features in Chrome that offer more control to users of their data and keep them safer while browsing the internet.

Chrome is rolling out new features to protect you from online threats, offer more control over your personal data and keep you safer while browsing the internet. See what’s new ↓ https://t.co/A2goTjGgPO

— Google (@Google) September 13, 2024

New Safety Features In Chrome

Stay Protected With Improved Safety Check

Safety Check feature is now revamped and it will run automatically in the background on Chrome, inform users of actions it takes including revoking permissions from sites they don’t visit anymore, remind users if anything needs their attention, and will also protect against abusive notifications by automatically revoking notification permissions from sites Google Safe browsing finds to be deceiving users into granting the permission.

On Desktop, Safety Check will continue to notify you if you have any Chrome extensions installed that may pose a security risk to you, then bring you to the extensions page and show a summary panel with quick controls to remove them. Users will continue to have the latest security patches and check their passwords for potential security risks. It also provides the option to enable Google safe browsing protections.

Unsubscribe From Site Notifications In One Tap

On Pixel devices and coming soon to more Android devices, you will be able to simply tap the Unsubscribe button directly on the notification drawer to stop receiving notifications from that site.

Grant One-Time Website Permissions

With this feature, you can choose to grant select permissions- such as access to your camera or mic- to a site for one time only. Once you leave the site, Chrome will revoke the permissions. The site won’t be able to use those permissions until you explicitly grant them again.

The post Google Officially Rolls Out New Safety Features In Chrome appeared first on The Tech Outlook.

We all have this belief that Apple products provide us with better privacy and security than any other product out there in the market. And it does provide enhanced security but at the same time, Apple products are also vulnerable up to an extent. Recently a report came from Hacker News that reported that Cado security has identified a malware as a service(MaaS)  named Cthulhu Stealer. This malware has been available as a malware-as-a-service (MaaS) model for $500 a month from late 2023. It can target both x86_64 and Arm architectures. Cado Security researcher Tara Gould said about this “Cthulhu Stealer is an Apple disk image (DMG) that is bundled with two binaries, depending on the architecture,”. He further says “The malware is written in Golang and disguises itself as legitimate software.”

This malware impersonates itself as  CleanMyMac, Grand Theft Auto IV, and Adobe GenP. Those users who end up launching the unsigned file by bypassing Gatekeeper protections are directed to enter their system password. This is an osascript-based technique that has been adopted by the  Atomic Stealer, Cuckoo, MacStealer, and Banshee Stealer. This malware harvests the system information that comprises web browser cookies and Telegram account information, is compressed and stored in a ZIP archive file, and is sent to the command-and-control (C2) server. The similar functionality of this malware with the Atomic stealer suggests that someone might have modified the code of this.

Here it becomes important that the user not only stay away from installing apps from unverified apps but also keep their system up to date with the latest security updates.

The post macOS Security at Risk: Cthulhu Stealer Malware Targets Apple Users appeared first on The Tech Outlook.