alphv attacks AIIM
Incident Date: August 3, 2022
Overview
Title: alphv attacks AIIM
Victim: AIIM
Attacker: Alphv
Location:
First Reported: August 3, 2022
AIIMS Ransomware Attack: A Wake-up Call for Healthcare Cybersecurity
On November 23, 2022, the All India Institute of Medical Sciences (AIIMS) in New Delhi was targeted by a ransomware attack that compromised its e-hospital service, responsible for managing patient data systems. This cyber assault led to the shutdown of both main and backup servers, with the perpetrators demanding a ransom of ₹4.2 crore, approximately equivalent to 30 bitcoins, and prompting AIIMS to "prepare for a negotiation".
AIIMS is renowned for its comprehensive patient database, encompassing Personally Identifiable Information (PII) of patients and healthcare workers, alongside administrative details such as blood donor records, ambulance records, vaccination records, caregiver records, and login credentials. The cybercriminals exploited vulnerabilities in the e-hospital service, impacting outpatient department (OPD) operations and sample collection services.
The incident at AIIMS underscores a growing concern within the healthcare sector, which has experienced a notable increase in cyberattacks amid the pandemic. Specifically, the sector saw a 95.34% rise in attacks compared to the same timeframe in 2021, making the Indian healthcare industry the second most targeted globally in terms of cyber threats.
Strengthening Cybersecurity in Healthcare
The ransomware attack on AIIMS serves as a critical reminder of the urgent need for healthcare organizations to enhance their cybersecurity protocols. This includes adherence to regulatory standards such as the Health Insurance Portability and Accountability Act (HIPAA), fostering cybersecurity awareness among staff and patients, implementing secure password policies and multi-factor authentication, and ensuring regular updates and patches for networks, systems, and software.
Given the sensitive nature of patient data and the potential repercussions of its compromise, it is imperative for healthcare institutions to prioritize cybersecurity measures to safeguard against such threats and mitigate the risks to patient safety and privacy.