Star Health Fined Rs 3.39 Crore For Data Breach: What You Should Do To Protect Your Details

Star Health and Allied Insurance has been fined Rs 3.39 crore by the insurance regulator. The Insurance Regulatory and Development Authority of India (Irdai) said the company failed to report a major data breach and didn’t follow cybersecurity rules. The breach exposed data of over three crore policyholders. It included names, addresses, phone numbers, PAN details, policy records, and medical information. Irdai said about 7.24 terabytes of personal data were compromised. According to the regulator, the company did not report the breach on time. It also didn’t have proper checks in place to detect the breach early.

These lapses were found to be in violation of Irdai’s cybersecurity guidelines, introduced in 2023. Along with the fine, Irdai has ordered Star Health to carry out a detailed audit of its IT systems. The company has been formally warned and told to fix gaps in its security framework. This is one of the biggest actions taken by Irdai in a data-related case. It comes at a time when more insurers are moving operations online. The amount of personal and health data being stored digitally has grown quickly in recent years.

What You Should Do To Protect Your Data Privacy 

Policyholders who use insurance apps or websites should take basic precautions. Use strong passwords. Enable two-factor authentication. Avoid logging in over public Wi-Fi. Keep an eye on your statements or policy records for anything suspicious. If your data is misused or if you see activity you didn’t authorise, report it to the insurance company. If there’s no response, complaints can be made through Irdai’s online grievance portal.

The breach at Star Health has put pressure on other insurers to review their systems. Companies are now expected to run regular security tests and report any incidents without delay. Experts say insurers can no longer treat cybersecurity as a side issue. It must be a core part of how the business is run. A weak system puts customer data at risk, and now also brings financial penalties and damage to reputation.

For the public, the message is clear: check who you’re trusting with your personal information. And for insurers, the warning from the regulator leaves little room for error.