Cyber attack on AIIMS from ‘outside India’

We are recreating the mode used to hack the server. However, the investigation so far hints at the origin of the attack (cyber) outside India.

Published: 26th November 2022 08:18 AM  |   Last Updated: 26th November 2022 08:18 AM   |  A+A-

hacking, snooping, cyber crime

Image used for representational purpose only. (File Photo)

Express News Service

NEW DELHI: For the third straight day, digital healthcare services at AIIMS here remained crippled under a major cyberattack the hospital faced earlier this week. Sources privy to the development indicated foreign hands observing the magnitude of the cyber attack. “The probe is in the preliminary stage.

We are recreating the mode used to hack the server. However, the investigation so far hints at the origin of the attack (cyber) outside India. It could be a syndicate or state actor. Therefore, it’s taking a huge time and resources to locate the perpetrators,” a senior official revealed on the condition of anonymity.

The cyber-attack, which AIIMS reported on Wednesday at 6:45 am has shut down its main and back-up servers. The attackers hacked e-hospital service which manages patient data system and routine activities in the patient care areas including OPD registrations, appointments report generations (tests), smart lab, billing, among others.

However, National Informatics Centre (NIC) officials timely separated its second back-up server to prevent further damage. Experts are trying to retrieve the data from the e-hospital and lab information on external drive while four more servers have been integrated to the hospital’s network, officials said. Officials estimated that the perpetrators have held ransom of over 4 crore patients’ profiles consisting of sensitive medical records and personal data. It includes top politicians and foreign dignitaries who received treatment at AIIMS.

The perpetrator of the cyber attack has asked the hospital to “prepare for a negotitation” against the data held captive. “A protonmail address has been left for the institute for communication. An undisclosed demand has been sought in cryptocurrency in exchange for a key that would decrypt the data,” sources informed.  The cyber-attack through ransomware is the first such attack on a major government healthcare institution.


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on are those of the comment writers alone. They do not represent the views or opinions of or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp