AIIMS Delhi Cyberattack Originated From China; Data From Five Servers Successfully Retrieved, MoHFW Says

aiims-delhi-cyberattack-originated-from-china;-data-from-five-servers-successfully-retrieved,-mohfw-says

The AIIMS Delhi cyberattack, which crippled the online services of Delhi’s largest medical institute, originated from China, according to the FIR. Hackers breached five out of 40 physical servers, and the data from all five servers has now been successfully retrieved, senior officials from the Ministry of Health and Family Welfare, Government of India (MoHFW) said on Wednesday. 

“AIIMS Delhi server attack was by the Chinese, FIR details that the attack had originated from China. Of 100 servers (40 physical and 60 virtual), five physical servers were successfully infiltrated by the hackers. The damage would have been far worse but is now contained. Data in the five servers have been successfully retrieved now,” said the source from the Ministry of Health and Family Welfare (MoHFW).

AIIMS Delhi first reported a failure in its servers on November 23. Two of the analysts deployed to look after the servers’ securities have also been suspended for the alleged breach of cybersecurity.

AIIMS authorities in a statement issued stated that the e-Hospital data has been restored.

“The eHospital data has been restored on the servers. The network is being sanitised before the services can be restored. The process is taking some time due to the volume of data and a large number of servers/computers for the hospital services. Measures are being taken for cyber security,” they had said. “All hospital services, including outpatient, in-patient, laboratories, etc continue to run on manual mode,” the statement had said.

Earlier this month, a special cell of Delhi Police launched an investigation into the attack on the computer system at AIIMS Delhi.

According to official sources, a team of the Central Forensic Lab (CFSL) has been pressed into service to check the infected server of the AIIMS Delhi to identify the source of the malware attack.


Affiliate links may be automatically generated – see our ethics statement for details.