AIIMS ransomware attack’

The All India Institute of Medical Sciences, a medical research university, and hospital – working under the aegis of the Ministry of Health and Family Welfare of India, recently faced a mega-scale cyber attack. This ransomware attack which happened on 23rd of November 2022, has impacted hospital services like the creation of Unique Health Identification, registrations, laboratory results, the process of paying, and patient discharge, among others, and rendered centralized records inaccessible. This had led the hospital to start functioning manually which is very certainly acting as a hindrance as the medical records of patients are now inaccessible. Moreover, multiple administrative issues such as a lack of a centralized appointment booking and payment system are bound to arise.

This data breach is much more concerning than it seems as the patient’s protected health information, their credit card/bank account numbers, personally identifying information like Social Security Number, and other identity card information is at stake. Not only that but reports are already stating that the hacked data has been put for sale on the dark web, leaving as many as 4 crore people privy to extortion, blackmail, and even the threat of identity theft. Moreover, data belonging to very many VVIPs has also been stolen, causing a threat to national security.

Amidst this fiasco, the Central Government’s stand will have to be seen. Will they pay the ransom of Rs. 200 Crore in cryptocurrency being asked for by the hacker or will they set up an investigation team?