Data, Doxxing, and Death Threats: Inside the Star Health Cyber Nightmare

The420.in

In a chilling escalation of cybercrime, the hacker behind the massive Star Health data breach has now claimed responsibility for sending bullet cartridges and death threats to the insurer’s top executives. The ongoing investigation has widened to include physical threats, digital extortion, and criminal conspiracy, signaling a dangerous convergence of cyberattacks and real-world violence.

Bullet in the Mail: Hacker Escalates to Physical Threats

A hacker using the alias ‘xenZen’ has reportedly mailed packages containing bullet cartridges to the Chennai headquarters of Star Health and Allied Insurance Company, targeting CEO Anand Roy and CFO Nilesh Kambli, with a chilling note that read:

“Next one will go in ur and ur peoples head. tik tik tik.”

The threats were disclosed in a March  in which xenZen took responsibility for the packages and linked them to their previous cyberattack on Star Health, a 2023 data breach that compromised 7.24 terabytes of customer data, including sensitive medical information of over 31 million people.

Law enforcement sources have confirmed that a man from Telangana has been arrested for allegedly aiding in the couriering of the packages. Police say he was acting on instructions from the hacker, adding a new layer of conspiracy and organized threat to what began as a cybercrime.

The 2023 Breach: Ransom, Lawsuit, and Legal Deadlock

Star Health had previously acknowledged the breach in 2023 and confirmed receiving a ₹56.61 lakh ransom demand from the same hacker. The scale of the leak placed it among the most significant data compromises in India’s healthcare sector, raising alarms over data governance in insurance and the monetization of medical records on the dark web.


In September 2024, Star Health escalated the matter legally, filing a lawsuit in Indian courts against xenZen and messaging platform Telegram. The suit alleged that Telegram chatbots were being used to distribute stolen policyholder data. According to court documents, the bots were eventually taken down, but legal proceedings remain ongoing.

Despite mounting public pressure, Star Health has largely remained silent. CEO Anand Roy has not issued a direct comment, while CFO Kambli referred inquiries to the company’s PR team. The only official statement from the company cites an “ongoing, highly sensitive criminal investigation” as the reason for its restraint.

Digital Revenge or Dangerous Extremism?

xenZen claims the attacks stem from grievances voiced by policyholders whose legitimate insurance claims were allegedly denied. The hacker told Reuters that several customers had reached out after being denied reimbursements, motivating them to expose what they described as “institutional injustice.”

In the same communication, xenZen disturbingly referenced the December 2024 assassination of UnitedHealthcare CEO Brian Thompson, whose murder had triggered global panic in the health insurance industry. The hacker implied the threats toward Star Health were fueled by a similar sense of injustice, an ominous parallel that has raised red flags across both corporate and security establishments.

Cybersecurity experts warn that this new breed of cybercriminals is not just tech-savvy but ideologically charged and willing to escalate from digital breaches to physical harm. “We’re seeing a convergence of activism, vigilantism, and terrorism — all facilitated by technology,” said a Delhi-based cyber law expert.

 

 
