Yazılar

Star Health Hacker Claims Responsibility for Death Threats and Bullet Packages Sent to Executives

/in /tarafından

The hacker known as xenZen”, who last year leaked sensitive data from Star Health and Allied Insurance CompanyIndia’s largest health insurer—has claimed responsibility for sending death threats and bullet cartridges to the company’s top executives, according to a March 31 email obtained by Reuters.

In a chilling escalation, xenZen said the threats were a direct reprisal for the insurer’s alleged denial of medical claims to customers. The packages, reportedly sent in February to Star Health’s headquarters in Chennai, Tamil Nadu, were addressed to CEO Anand Roy and CFO Nilesh Kambli. Inside, a note warned:

next one will go in ur and ur peoples head. tik tik tik.”

Reuters reviewed photographs included in the hacker’s email that appear to show the threatening packages. While the news agency has not independently verified the hacker’s identity or the full accuracy of the information provided, three Indian police sources confirmed that a criminal investigation is underway. According to one source, a man in the neighboring state of Telangana has been arrested for allegedly facilitating the delivery of the packages.

Star Health declined to comment in detail, citing an “ongoing, highly sensitive criminal investigation.” CFO Kambli directed inquiries to the company’s PR team, and CEO Roy did not respond to calls for comment.

The case adds to growing concerns over executive security in the healthcare industry, especially after the murder of UnitedHealthcare CEO Brian Thompson in December — an incident that reportedly inspired xenZen’s threats.

Last year, the hacker leaked what they claimed was 7.24 terabytes of personal data related to over 31 million customers, including medical reports and insurance details. Star Health confirmed the data breach, which followed a ransom demand of $68,000. The company has since launched legal action against xenZen and Telegram, which was used to distribute the stolen data via chatbots. Those bots have since been removed.

In the latest email, xenZen claimed the threats followed requests from disgruntled customers who alleged their valid claims had been denied despite having coverage. Star Health has not responded to these specific allegations.

As the case unfolds, the incident raises urgent questions about data security, corporate accountability, and the physical safety of executives in an era where cyberattacks increasingly blur into real-world consequences.

SK Group Chairman Chey Apologizes for Major SK Telecom Data Breach, Pledges Security Overhaul

/in /tarafından

SK Group Chairman Chey Tae-won issued a public apology on Wednesday following a significant data breach at SK Telecom, South Korea’s largest mobile carrier, which has sparked alarm among its 23 million users over potential theft of personal and financial information.

The breach, detected on April 18, was attributed to a malware attack, and has led to widespread concern and customer action. Thousands have visited SK Telecom outlets to replace their USIM (Universal Subscriber Identity Module) cards, which the company is offering free of charge.

Chey, speaking for the first time since the breach became public, said, I believe we need to look at this as a matter of national defence, not just (data) security.” He acknowledged a need for a more comprehensive and strategic approach to cybersecurity, noting that the company previously treated such threats as a standard IT issue handled internally.

In response to the breach, SK Telecom has launched a USIM Protection Service, which it says provides equivalent protection to replacing the USIM card. Chey confirmed he enrolled in the service but had not yet replaced his own card.

The chairman also pledged a full-scale security review involving external cybersecurity experts to prevent similar incidents in the future and restore public trust in the company’s data protection capabilities.

Cyberattacks on M&S and Co-op Originated from Help Desk Deception, Says Report

/in /tarafından

Cybercriminals launched recent attacks on British retailers Marks & Spencer (M&S) and Co-op Group by impersonating employees to trick IT help desks into resetting passwords, according to a report by BleepingComputer. This social engineering tactic allowed hackers to gain initial access to internal systems.

The UK’s National Cyber Security Centre (NCSC) responded by urging all organisations to re-evaluate their help desk protocols, warning that online criminal activity like ransomware and data extortion is on the rise and that even large enterprises are vulnerable to such basic forms of manipulation.

While both M&S and Co-op declined to comment, the consequences of the M&S breach are already being felt. Shares dropped 4% on Tuesday and are down 12% since the cyber incident was disclosed on April 22. The company halted online orders for clothing and home products via its website and app on April 25, with no timeline for resumption. Some food product availability has also been disrupted.

Deutsche Bank analysts estimate the incident has cost M&S around £30 million ($40 million) so far, with an ongoing weekly impact of approximately £15 million. Though cyber insurance may offset part of the loss, it typically covers a limited time period. The broader risks include loss of consumer trust, data breach fines, and long-term reputational damage.

Ciaran Martin, former CEO of the NCSC, noted that the recovery time for such attacks is often lengthy due to the need to completely rebuild compromised IT networks.

Meanwhile, a group identifying as DragonForce claimed responsibility for attacking both M&S and Co-op, as well as stealing staff and potential customer data from the latter. The same group also claims responsibility for attacking Harrods. The report also links the cyberattack on M&S to the Scattered Spider” hacking collective, known for using DragonForce ransomware, although the NCSC said it could not confirm the connection.