Cyber attack on AIIMS Delhi servers originated in China: Report

Of the 100 servers at AIIMS -- 40 physical and 60 virtual -- five physical servers were infiltrated by the hackers, the report said, adding that the data has been successfully retrieved

AIIMS Delhi, cyber attack
AIIMS Delhi faced a cyber attack on November 23, paralysing its servers | Photo: PTI

The attack on the computer system of the All India Institute of Medical Sciences (AIIMS) in Delhi originated from China, an agency report quoted the ministry of health and family welfare on Wednesday.

“The server attack was by the Chinese; the probe found that it originated from China,” a top source told NDTV.

Of the 100 servers (40 physical and 60 virtual), five physical servers were infiltrated by the hackers. The data in the five servers has been successfully retrieved, senior officials from the ministry told ANI. The damage would have been far worse but is now contained, it said.

Also read: AIIMS resumes online registration, other services in phased manner


Every year, around 38 lakh patients, including top political leaders, bureaucrats and judges, get treated at AIIMS.

The cyber attack

AIIMS Delhi faced a cyber attack on November 23, paralysing its servers. A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the ==–Delhi Police on November 25. Two of the analysts deployed to look after the servers’ securities have been suspended for the alleged breach of cyber security.

The police have, however, denied reports that hackers asked for Rs 200 crore in cryptocurrency as ransom to restore the system.

All online services at the hospital — from appointments to billing to sharing of reports with patients — were affected. Additional staff was deployed as the hospital switched to manual mode.

Issue in Lok Sabha

The issue came up in Parliament two days ago, when senior Congress leader Shashi Tharoor called for a thorough investigation, and measures to ensure no repeat. “The origin, intent and extent of the attack remain unclear,” the MP from Thiruvananthapuram had said in the Lok Sabha.

Also read: How hackers can access potential ‘gold mine’: AIIMS cyberattack a case in point

The possibility of this being a “hostile cross-border attack” is a grave concern, Tharoor stressed. “It also reflects the weak data protection safeguards in our country especially by government institutions,” he said, as per news agency PTI.

Citing the proposed law on personal data protection, he criticised the government for “doing away with” a special category of sensitive personal data, including health data, that required stringent safeguards as per the 2019 draft.

(With Agency inputs)