Hackers have allegedly demanded an estimated ₹200 crore in cryptocurrency from the All India Institute of Medical Sciences (AIIMS), Delhi as its server remained out of order for the sixth consecutive day, official sources said on Monday.
It is feared that data of around 3-4 crore patients could have been compromised due to the breach detected Wednesday morning.
Patient care services in emergency, outpatient, inpatient, and laboratory wings are being managed manually as the server remained down, the sources said.
The Delhi Police, however, issued a statement, saying "no ransom demand as being quoted by certain sections of the media has been brought to notice by AIIMS authorities." The India Computer Emergency Response Team (CERT-IN), Delhi Police, and representatives of the Ministry of Home Affairs are investigating the ransomware attack.
A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25.
Official sources said internet services are blocked on computers at the hospital on the recommendations of the investigating agencies.
The AIIMS server has stored data of several VIPs, including former prime ministers, ministers, bureaucrats, and judges.
"Hackers have allegedly demanded around ₹200 crore in cryptocurrency," one of the sources told PTI.
Network sanitisation
Meanwhile, the NIC e-hospital database and application servers for e-hospital have been restored. The NIC team is scanning and cleaning infections from other e-hospital servers located at AIIMS, which are required for the delivery of hospital services, an official source said.
Four physical servers arranged for restoring e-hospital services have been scanned and prepared for the databases and applications.
Also, the AIIMS network sanitisation is in progress. Antivirus solutions have been organised for servers and computers. It has been installed on nearly 1,200 out of 5,000 computers. Twenty out of 50 servers have been scanned and this activity is ongoing 24x7, the source said.
"The full sanitisation of the network is likely to continue for five more days. Thereafter, e-hospital services can be rolled out in a phased manner. Patient care services, including emergency, outpatient, inpatient, laboratory etc. services, are being continued on manual mode," the source said.