AIIMS data breach sparks fear; hackers could misuse information

The zigzag queues which start forming outside the All India Institute of Medical Sciences (AIIMS) from 6 am have now started forming before dawn.

The hospital’s computer systems have been down for 10 days and all patients have to register using the traditional method of pen and paper.

“We are seeing huge lines outside OPDs and in every department,” says a senior doctor, adding: “The logistics of working without the server are bad.”

Following a suspected malware assault that was detected on November 23, the AIIMS servers went offline, leaving patient data, registration processes, and even the Internet inaccessible. Anywhere between 30 million and 40 million patient records are now accessible to whoever broke into the networks. And that includes personal data from patients’ Aadhaar and PAN cards as well as medical history. This could therefore indicate that numerous patients’ bank information has been hacked.

This week, technicians were able to restore some of the systems, including the e-data. However, the network is currently being “sanitised” in order to allow the restoration of services, according to AIIMS.

The sanitisation “process is taking some time due to the volume of data and the large number of servers/computers for the hospital services,” the hospital said.

Patient confidentiality may suffer

A significant number of the country’s senior political leaders, for whom AIIMS is sometimes a first visit if they get ill, may be among those whose data has been disclosed. Recently, RJD leader Laloo Prasad Yadav stayed there for a considerable amount of time. On another level, a doctor warns, patient confidentiality may also suffer.

Also Read: Gujarat Election: PM Modi takes on Kharge’s Ravan jibe, says Congress leaders compete to abuse him

“Confidentiality is another aspect. Some patients may have cancer which they don’t want to reveal to their employer.”

A swarming of government investigative and tech agencies have descended on the hospital, led by groups like the Delhi Police Intelligence Fusion and Strategic Operations and the Indian Computer Emergency Response Team (CERT-in), which deals with cybersecurity threats (IFSO).

The National Informatics Centre, which runs the hospital’s tech systems, is struggling to return to normalcy. Authorities now say online services will return to operation in a “phased manner” from December 6. AIIMS said new “measures are being taken for cyber security.”

For all the news update subscribe our YouTube channel ‘DNP India’. You can also follow us on FACEBOOK, INSTAGRAM and TWITTER.

Exit mobile version