Crypto Ransom Requested to Restore Compromised Servers of Indian Hospital: Report

India’s largest and most advanced public hospital, popularly known by its acronym AIIMS (The All India Institute of Medical Sciences), had its servers hacked on November 23.

Even though they remained out of service for the sixth day in a row, a new twist has emerged in the ongoing multi-agency investigation and restoration effort.

A leading news agency claimed on Monday that the attackers demanded a ransom of 200 million rupees ($25 million) to restore nearly 50 servers that were down after the events.

$25 million ransom demand

Press Trust of India (PTI) said in a report on Monday that the hackers demanded a ransom of Rs. 200 crore ($25 million) in cryptocurrency to restore the compromised servers.

PTI broken this news on Twitter as well. “Hackers allegedly demanded around Rs 200 cr in cryptocurrency from AIIMS-Delhi as its server remains down for the sixth consecutive day; emergency patient care wards, outpatients, impatient manually managed lab wings: sources. It said.

Incidents of ransomware attacks and the use of cryptocurrency to receive dirty money seem quite common.

CryptoPotato reported last month that the US DOJ had seized $22 million in BTC from a 35-year-old Canadian citizen, Sébastien Vachon-Desjardins, who was involved in ransomware attacks. Vachon-Desjardins was also sentenced to 20 years in federal prison.

In another incident last month, Brazilian bank BRB allegedly paid hackers 50 BTC to recover locked sensitive data after it was stolen following a security breach.

Delhi police dispute ransom demand

Hours after the PTI report, widely picked up by Indian media, Delhi police clarified in a tweet that AIIMS authorities had not brought the ransom demand to their attention.

“Some sections of the press are reporting that a ransom has been demanded against the restoration of the @aiims_newdelhi server. No such information has come to the attention of AIIMS authorities. #DelhiPoliceUpdates”, Delhi Police tweeted.

Investigation and restoration efforts

India’s major computer investigation and response agencies, including the National Intelligence Agency (NIA) and the India Computer Emergency Response Team (CERT-IN), are investigating the incident and trying to restore the servers to working order. .

The hack is feared to have hijacked the data of 30-40 million patients. AIIMS is also the hospital where most government figures, including former prime ministers, are treated.

Meanwhile, ppatient care services are managed manually in outpatient, inpatient, laboratory, and emergency departments. Located in the Indian capital New Delhi, AIIMS treats an average of 12,000 new outpatients every day. AIIMS has nearly 50 servers to run its operations, and all of them are down right now.

Featured image courtesy of JustDial


Binance Free $100 (Exclusive): Use this link to sign up and receive $100 free and 10% off Binance Futures fees for the first month (terms).

PrimeXBT Special Offer: Use this link to sign up and enter code POTATO50 to receive up to $7,000 on your deposits.

Leave a Comment