The cyber attacker who exposed a massive trove of confidential data from Star Health and Allied Insurance has now claimed responsibility for sending violent threats, including live bullets, to the company’s senior leadership. Using the alias “xenZen,” the hacker detailed these actions in a March 31 email to Reuters, admitting to orchestrating the delivery of threatening packages to the insurer’s Chennai-based headquarters in retaliation for its reported mistreatment of customers.
Hacker Confesses to Sending Bullets and Threatening Executives
In the email, xenZen disclosed that they had mailed two parcels containing live ammunition to top Star Health officials—Chief Executive Officer Anand Roy and Chief Financial Officer Nilesh Kambli—earlier this year. Each package was accompanied by an ominous message that read: “next one will go in ur and ur peoples head. tik tik tik.” The hacker claimed the threats were motivated by Star Health’s repeated refusals to settle what they described as legitimate insurance claims from clients.
The communication, made public for the first time by Reuters, included photographs of the mailed envelopes and documentation of the delivery process. XenZen claimed that they had acted after hearing from policyholders who were denied coverage despite having valid policies—an injustice the hacker cited as the catalyst for their actions against the company’s leadership.
Massive Data Breach Preceded the Threats
These recent developments come on the heels of a major cybersecurity breach that Star Health suffered in September 2023. At the time, xenZen revealed they had exfiltrated 7.24 terabytes of sensitive customer data, including detailed medical information for more than 31 million policyholders. The hacker subsequently posted portions of the stolen data online and reportedly entered negotiations to sell it on underground platforms.
The leak triggered a wave of public backlash against the insurer. Customers expressed outrage over the exposure of personal health data, while cybersecurity experts highlighted Star Health’s failure to implement adequate protective measures.
Star Health’s chief legal officer declined to comment on the death threats, citing the ongoing criminal investigation. The company has also remained silent about xenZen’s accusations concerning denied claims and has not issued any formal statement about the hacker’s motives.
Police Launch Investigation, Make Arrest in Telangana
Law enforcement officials in Tamil Nadu have confirmed the opening of a formal investigation into the violent threats made against the company’s executives. Authorities believe the hacker sent the packages as part of a targeted intimidation campaign. In connection with the case, police have apprehended a suspect from Telangana, a neighboring state, who is believed to have assisted xenZen in mailing the parcels.
While the police have yet to release the identity of the detained individual or further specifics about the arrest, sources familiar with the matter confirm that the investigation remains active. Tamil Nadu officials did not respond to repeated inquiries from Reuters regarding additional details.
Growing Threats Against Healthcare Executives Raise Alarm
The threats against Star Health’s executives have reignited concerns over the physical security of leaders in the health insurance sector. This incident closely follows the high-profile murder of UnitedHealthcare CEO Brian Thompson, who was fatally shot in December in what investigators described as a targeted act. That case, still under investigation, has brought greater attention to the risks faced by industry leaders amid mounting dissatisfaction with insurers.
In their March communication, xenZen referenced Thompson’s killing and indicated that the threats to Star Health officials stemmed from similar frustrations—namely, the denial of valid medical claims. The hacker claimed that multiple policyholders had approached them with grievances over the company’s alleged refusal to honor coverage obligations.
Despite these claims, Star Health has not issued a response addressing the hacker’s allegations or the broader customer complaints cited as the motive for the threats.
Legal Actions Continue in Wake of Data Breach
Star Health’s legal battle over the massive 2023 data breach is still ongoing. In September of that year, the company filed a lawsuit against both xenZen and Telegram, the encrypted messaging platform, accusing it of hosting stolen medical data via chatbot channels. Though the specific Telegram bots were later removed, the legal dispute remains unresolved in Indian courts.
Internal findings by the company revealed that xenZen had initially demanded a ransom of $68,000 in exchange for withholding the stolen data. When the company reportedly failed to comply, the hacker made the data publicly available and began issuing threats, escalating tensions further.
This high-stakes case has raised urgent questions about data privacy, corporate accountability, and executive safety within the healthcare sector. Experts argue that the breach and subsequent threats underscore the vulnerabilities facing companies that manage sensitive personal data—and the potential dangers that corporate leaders now face in an increasingly hostile environment.
Broader Implications for the Healthcare and Tech Industries
The ongoing investigation, arrest, and legal proceedings related to Star Health could have lasting consequences not only for the company but also for the broader insurance and healthcare industries. As more details emerge about the data breach and the violent threats linked to it, regulators and industry stakeholders may push for stronger cybersecurity standards and more transparent customer claim practices.
In the digital age, health insurers face growing scrutiny over how they protect consumer data and respond to policyholder concerns. The fallout from this case could lead to regulatory reforms and compel firms to revisit their security frameworks—particularly those dealing with health records and claims processing.
Meanwhile, the spotlight remains fixed on Star Health and its leadership as police continue their investigation into one of the most alarming cybercrime incidents in India’s corporate history. The company’s next steps, both in court and in public communication, may determine how it recovers from a crisis that has shaken trust in the nation’s private health insurance sector.
