wordpress blog stats
Connect with us

Hi, what are you looking for?

E-hospital malware attack: IT Minister of State Rajeev Chandrasekhar denies the breach, while AIIMS confirms it

AIIMS also claimed that the attempt was “successfully thwarted” and the threat was “neutralised” by the team.

A malware attack on the e-hospital software of All India Institute of Medical Sciences (AIIMS), New Delhi, was detected by the cyber-security systems in AIIMS on June 6, according to a tweet by the institute. The institute also claimed that the attempt was “successfully thwarted” and the threat was “neutralised” by the team. However, IT Minister of State Rajeev Chandrasekhar tweeted yesterday denying the cyber-attack and made claims that do not look convincing enough. We discuss this below in the article.


AIIMS was hit by a major ransomware attack in November last year, which disrupted critical health services at the hospital and exposed the health data of millions of patients to severe data security risks. The latest news of the attack on the e-hospital server was first tweeted by Ashish Srivastava, The New Indian Express reporter, who stated that according to sources, the e-hospital software was inoperable since afternoon and a ‘virus found’ notification was displayed when someone tried to access it. The tweet by AIIMS came an hour after Srivastava’s tweet.

STAY ON TOP OF TECH POLICY: Our daily newsletter with top stories from MediaNama and around the world, delivered to your inbox before 9 AM. Click here to sign up today! 

Advertisement. Scroll to continue reading.

According to The New Indian Express report, registration, billing and other services were hit on Tuesday due to the suspected cyber-attack. AIIMS claimed in its tweet that the e-hospital services are now fully secure and are functioning normally.


Why it matters: Ransomware incidents have doubled in the country since 2020, as per data tabled in the Parliament in December last year. The AIIMS server attack in November exposed serious lapses in the cybersecurity system. But, the government has been claiming that the attack was a result of a conspiracy by foreign actors, thus shifting the focus away from critical questions on what is being done to avert such cyber-incidents in future. Also, given the threats looming over health infrastructure, whether or not the government declare health as a ‘critical sector’ is something that needs to be watched out.

Is E-hospital not on the internet?

Advertisement. Scroll to continue reading.

IT Minister of State Rajeev Chandrasekhar was quick to respond to the reporter’s tweet denying the cyber-attack. According to the minister, e-hospital is an internal application, which is not available for internet users. He claimed that an attempt by someone to access the portal generated the alert due to a security layer used by AIIMS and the same person circulated the screenshot of the error message displayed. The minister ‘s tweet comes after AIIMS confirmed that a malware attack was indeed detected in the software.

E-hospital data compromised in 2017: In 2017, Abhinav Srivastav, an Ola employee created an Aadhaar e-KYC verification application, which provided Aadhaar data verification by illegally accessing the UIDAI server. According to MediaNama’s report, the data was legally housed with an NIC server, but illegally accessed.

Advertisement. Scroll to continue reading.

It was found that the app accessed UIDAI data through the e-hospital app and made the information available. MediaNama’s report states that the only eHospital app on Google Play store was run by the government of India and was listed by Mobile Seva, a government initiative for mobile governance. As per the description on the app, e-hospital served as an online registration facility, was hosted on the cloud services of the National Informatics Centre and used eKYC of Aadhaar to extract patient data.

Responding to the minister’s tweet, technologist Anivar Aravind was quick to point out the 2017 case discussed above. Aravind highlighted that the eKYC app was using UIDAI API in the e-hospital backend and connecting it via the internet, which implies that the app is on the internet.

This post is released under a CC-BY-SA 4.0 license. Please feel free to republish on your site, with attribution and a link. Adaptation and rewriting, though allowed, should be true to the original.

Advertisement. Scroll to continue reading.

Also Read:

Written By

Curious about privacy, surveillance developments and the intersection of technology with education, caste and welfare rights.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Factors like Indus not charging developers any commission for in-app payments and antitrust orders issued by India's competition regulator against Google could contribute to...


Is open-sourcing of AI, and the use cases that come with it, a good starting point to discuss the responsibility and liability of AI?...


RBI Deputy Governor Rabi Shankar called for self-regulation in the fintech sector, but here's why we disagree with his stance.


Both the IT Minister and the IT Minister of State have chosen to avoid the actual concerns raised, and have instead defended against lesser...


The Central Board of Film Certification found power outside the Cinematograph Act and came to be known as the Censor Board. Are OTT self-regulating...

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ