A threat actor claims to have breached Vidal Health Insurance TPA Pvt. Ltd. (Vidal Health), a leading IRDAI-licensed third-party administrator in India. The company facilitates health insurance services, including claims processing and cashless hospitalization, for major insurers and government health schemes like Ayushman Bharat.
The threat actor is advertising a database of 472 GB, allegedly exfiltrated in October 2025 and containing 326,865 files. The data is being offered for sale for $3,000. According to the actor and samples provided, the compromised data includes a vast amount of sensitive patient and personal information:
- Full names
- Patient medical records
- Lab reports (e.g., ECG, USG)
- Pre-authorization and consultation forms
- Hospital admission and billing documents
- Know Your Customer (KYC) files
- Photo IDs
- Aadhaar card details
- PAN card details
