On 23 November, the All India Institute of Medical Sciences in New Delhi, India reported an IT outage due to a suspected ransomware attack.

In a statement, it said that the servers for its e-hospital system went down, affecting digital hospital services, including smart lab, billing, report generation, and appointment system. The forerunning AIIMS institute currently manages over 2,500 beds.

AIIMS Delhi then immediately shifted to manual operations. However, it has struggled to cater to patients without unique health IDs and handle patient admissions and discharges.

It also immediately sought the assistance of the National Informatics Centre (NIC) and the Indian Computer Emergency Response Team to restore its digital services while the incident had been reported to the Delhi police. The Intelligence Bureau, Central Bureau of Investigation, Ministry of Home Affairs, and the National Investigation Agency have also joined in on the investigation. 

The following day, AIIMS issued a new set of SOPs, stating that admission, discharge, and transfer of patients will be done manually until the e-hospital system gets back online. 

Meanwhile, the Delhi Police filed a first information report for cyber-terrorism, computer-related fraud, and extortion against unidentified persons responsible for the attack.

Moreover, as a safety measure, the internet services at AIIMS have been reportedly blocked.

Over the weekend, the hospital said additional staff has been deployed to help run diagnostics, labs, and OPD services while the e-hospital system remains down. Since the incident, AIIMS Delhi has been seeing 12,000 patients daily. 

As of Monday, AIIMS remained in manual mode while efforts to restore data and clean IT servers were ongoing, which it said may take some time due to the volumes of data and servers they are dealing with.

Initial investigations into the cyber hack point to the involvement of foreign actors. Meanwhile, the Delhi police have denied reports of an alleged ransom demand in cryptocurrency from hackers. 

WHY IT MATTERS

According to a news report, the cyber incident might have exposed the hospital records of around 40 million patients. The exploited AIIMS database might have contained PPIs of patients and healthcare workers, as well as records on blood donors, ambulances, vaccination, caregivers and employee login credentials. 

THE LARGER TREND

This major cyber attack comes as the forerunner AIIMS institute is set to fully implement the e-hospital system next year as part of its transition to a paperless hospital. The e-hospital platform, which was developed by the NIC, is an HMIS hosted on the MeghRaj national cloud system which enables the digitisation of internal workflows and processes and serves as a single digital platform connecting patients, hospitals, and doctors. 

Also starting in April next year, AIIMS Delhi will go all-digital for payments. It is currently setting up a smart card payment facility at its counters.