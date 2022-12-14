The ransomware attack on the servers of the All India Institute of Medical Sciences (AIIMS), Delhi was carried out by Chinese hackers, news agency ANI reported on Wednesday citing a government source. It added that of the 100 servers, five physical servers were successfully infiltrated by the hackers.

"AIIMS Delhi server attack was by the Chinese, FIR details that the attack had originated from China. Of 100 servers (40 physical and 60 virtual), five physical servers were successfully infiltrated by the hackers. The damage would have been far worse but is now contained. Data in the five servers has been successfully retrieved now," the source from the Union health ministry told ANI on Wednesday.

The personal details of millions of patients in AIIMS Delhi were at risk due to the ransomware attack last month. In December, a special cell of the Delhi Police launched an investigation into the attack.

The investigations found that the IP addresses of two emails identified from the headers of files encrypted by the hackers originated from Hong Kong and China’s Henan province.

Meanwhile, authorities from AIIMS said in a statement that the e-hospital data was restored.

"The e-hospital data has been restored on the servers. The network is being sanitized before the services can be restored. The process is taking some time due to the volume of data and a large number of servers/computers for the hospital services. Measures are being taken for cyber security," the statement said.

It added all hospital services, including outpatient, in-patient, laboratories, etc., continue to run on manual mode.



AIIMS, Delhi, faced the cyberattack on November 23 after which a case of extortion and cyber terrorism was registered by the Delhi Police on November 25. The internet services were blocked as per the recommendations of the investigating agencies.

Computer Emergency Response Team (CERT-In), Delhi cybercrime special cell, Indian Cybercrime Coordination Centre, Intelligence Bureau, CBI and National Investigation Agency, are investigating the ransomware attack that is feared to have compromised the records of nearly four crore patients.



(With inputs from ANI)

