India’s leading public medical institute, All India Institute of Medical Services, or AIIMS, is experiencing outages following a cyberattack.
The outages affect hundreds of patients and physicians accessing primary healthcare services, including patient admission, discharge and billing systems.
Established in 1956, AIIMS enrolls thousands of undergraduate and postgraduate medical students. It is also one of the largest public hospitals, with a capacity of over 2,200 beds.
The cyberattack, reported Wednesday night in New Delhi, appears to be a ransomware attack, with attackers changing the extensions of infected files, hospital authorities said.
AIIMS officials told TechCrunch that patient care services have been severely impacted since Wednesday morning.
The medical institute switched to manual operations, including manually writing patient notes, because the server recording patient data stopped working. The outages led to long queues and errors in handling emergency cases.
After the first hours of disruption, hospital authorities confirmed the cyberattack in a press release. The outages continued through Thursday.
“We are unable to send many blood tests, request imaging studies and we are unable to view previous reports or images. Many such surgeries are done manually, which is more time-consuming and error-prone,” a resident physician, who asked not to be named because he was not authorized to speak to the doctor, told TechCrunch. hurry.
Hospital authorities later Thursday directed physicians to continue to use handwritten notes, including hand-signing birth and death certificates as long as the systems remain idle.
A team from the National Computer Center is working closely with India’s Computer Emergency Response Team to help with the organization’s recovery. An effort to restore data from backups is underway, according to a person with direct knowledge of the incident.
Meanwhile, several law enforcement agencies including the Central Bureau of Investigation and the Delhi Police’s Intelligence Fusion & Strategic Operations are investigating the incident and the people behind the attack. The police department also deposit an official complaint about it.
Details of whether the attackers could access patient data have yet to be publicly announced.