Cyber Security News

AIIMS Server Hacked – Hackers Demand 200 Crore in Cryptocurrency

The server of the All India Institute of Medical Sciences (AIIMS), Delhi, has been down for six days in a row, and sources told news agency PTI that hackers have allegedly demanded almost 200 crores in cryptocurrency from the institution.

Reports stated that the hack, which was discovered on Wednesday morning, exposed the information of 3 to 4 crore patients.

Notably, data on several VIPs, including former prime ministers, ministers, officials, and judges, is stored on the AIIMS server.

The Specifics of the Data Breach

According to the reports, because the server is down, patient care services in the emergency, outpatient, inpatient, and laboratory wings are being managed manually.

The Delhi Police, however, issued a statement, saying “no ransom demand as being quoted by certain sections of the media has been brought to notice by AIIMS authorities”.

The Indian Computer Emergency Response Team (CERT-In), Delhi Police, and representatives of the Ministry of Home Affairs are investigating the ransomware attack.

In the meantime, the NIC e-hospital database and application servers have become operational again. The NIC team is now scanning and cleaning additional AIIMS e-hospital servers that are required for the provision of hospital services.

Additionally, for the four physical servers that have been set up to restore e-hospital services, the databases and applications have been scanned and prepared.

Reports say the AIIMS network is also being sanitised. Anti-virus software is planned for computers and servers, and almost 1,200 of the 5,000 available computers already have it installed.

This effort is happening around the clock, seven days a week, and twenty out of fifty servers have already been inspected.

Investigation of the Attack

A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on 25 November.

Official sources say that internet services have been blocked on computers at the hospital on the recommendation of the investigating agencies.

According to speculation, Chinese hackers may be responsible for the attack. The lack of cloud-based servers and a poor firewall are likely to blame for the ransomware attack.

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
