alphv attacks AIIM

Incident Date: Aug 03, 2022

Attack Overview

VICTIM

AIIM

INDUSTRY

Business Services

LOCATION

India

ATTACKER

Alphv

FIRST REPORTED

August 3, 2022

Request Removal

AIIMS Ransomware Attack: A Wake-up Call for Healthcare Cybersecurity

On November 23, 2022, the All India Institute of Medical Sciences (AIIMS) in New Delhi was targeted by a ransomware attack that compromised its e-hospital service, responsible for managing patient data systems. This cyber assault led to the shutdown of both main and backup servers, with the perpetrators demanding a ransom of ₹4.2 crore, approximately equivalent to 30 bitcoins, and prompting AIIMS to "prepare for a negotiation".

AIIMS is renowned for its comprehensive patient database, encompassing Personally Identifiable Information (PII) of patients and healthcare workers, alongside administrative details such as blood donor records, ambulance records, vaccination records, caregiver records, and login credentials. The cybercriminals exploited vulnerabilities in the e-hospital service, impacting outpatient department (OPD) operations and sample collection services.

The incident at AIIMS underscores a growing concern within the healthcare sector, which has experienced a notable increase in cyberattacks amid the pandemic. Specifically, the sector saw a 95.34% rise in attacks compared to the same timeframe in 2021, making the Indian healthcare industry the second most targeted globally in terms of cyber threats.

Strengthening Cybersecurity in Healthcare

The ransomware attack on AIIMS serves as a critical reminder of the urgent need for healthcare organizations to enhance their cybersecurity protocols. This includes adherence to regulatory standards such as the Health Insurance Portability and Accountability Act (HIPAA), fostering cybersecurity awareness among staff and patients, implementing secure password policies and multi-factor authentication, and ensuring regular updates and patches for networks, systems, and software.

Given the sensitive nature of patient data and the potential repercussions of its compromise, it is imperative for healthcare institutions to prioritize cybersecurity measures to safeguard against such threats and mitigate the risks to patient safety and privacy.

Sources

AIIMS ransomware attack: what it means for health data privacy - ET CISO
AIIMS ransomware attack: Key patient data at risk of leak, sale on dark web - ET HealthWorld
Ransomware attack on AIIMS: What it is, how serious it is, and other information - LinkedIn
Ransomware attackers say AIIMS 'deadline' has ended - Hindustan Times

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.