Hackers have allegedly demanded an estimated Rs 200 crore in cryptocurrency from the All India Institute of Medical Sciences (AIIMS), Delhi as its server remained out of order for the sixth consecutive day, official sources said on Monday.
It is feared that data of around 3-4 crore patients could have been compromised due to the breach detected Wednesday morning.
Patient care services in emergency, outpatient, inpatient and laboratory wings are being managed manually as the server remained down, the sources said.
The Delhi Police, however, issued a statement, saying "no ransom demand as being quoted by certain sections of the media has been brought to notice by AIIMS authorities."
The India Computer Emergency Response Team (CERT-IN), Delhi Police and representatives of the Ministry of Home Affairs are investigating the ransomware attack.
A case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police on November 25.
Official sources said internet services are blocked on computers at the hospital on the recommendations of the investigating agencies.
The AIIMS server has stored data of several VIPs, including former prime ministers, ministers, bureaucrats and judges.
"Hackers have allegedly demanded around Rs 200 crore in cryptocurrency," one of the sources told PTI.
Meanwhile, the NIC e-hospital database and application servers for e-hospital have been restored. The NIC team is scanning and cleaning infection from other e-hospital servers located at AIIMS which are required for delivery of hospital services, an official source said.
Four physical servers arranged for restoring e-hospital services have been scanned and prepared for the databases and applications.
Also, the AIIMS network sanitisation is in progress. Antivirus solutions have been organised for servers and computers. It has been installed on nearly 1,200 out of 5,000 computers. Twenty out of 50 servers have been scanned and this activity is ongoing 24x7, the source said.
"The full sanitisation of the network is likely to continue for five more days. Thereafter, e-hospital services can be rolled out in a phased manner. Patient care services including emergency, outpatient, inpatient,laboratory etc services are being continued on manual mode," the source said.
The AIIMS-Delhi in a statement said, "The data restoration and server cleaning is in progress and is taking some time due to the volume of data and large number of servers for the hospital services. Measures are being taken for cyber security."
All hospital services, including outpatient, in-patient and laboratories, continue to run on manual mode, it added.
