In one of the highest volumes of cyberattacks in India, details of 20 lakh patients with the Regional Cancer Center (RCC) here were compromised, affecting 11 out of 14 servers and causing disruptions in many divisions, including the Radiation Department.
The attack compromised the health information of over 20 lakh patients and demanded a ransom in cryptocurrency, sources told UNI.
But there were allegations that the Korean-based cybercriminals successfully infiltrated the data source of RCC and extracted sensitive information of over 80 lakh patients and demanded a ransom of USD 100 millions.
“The cyberattack on the Radiation Department at the RCC in Thiruvananthapuram took place on April 30, 2024. It is a state-owned premium cancer care hospital and research centre, serving patients from across India. The attack targeted software used for radiation treatment. The software administering radiation to patients was hacked. The group responsible for the attack is known as the Daixin Team,” the sources said.
Two key servers storing health information for more than 20 lakh people were compromised. Servers containing surgical, radiation, and pathology results of lakhs of patients were attacked.
The attack sabotaged the treatment and follow-up examinations of patients. Patients could receive incorrect radiation doses, posing life-threatening risks.
The hackers claimed responsibility and sent an email from abroad. They demanded cryptocurrency worth billions of rupees. Radiation treatment has been halted since the attack and is expected to resume in the coming days.
The attack put sensitive patient data at risk, including personal credentials like names, ages, addresses, phone numbers, and medical histories.
According to the Cyber Police probing the case and the Computer Emergency Response Team (CERT-K), the role of Chinese and North Korean hackers is suspected.
A similar cyber attack on Delhi AIIMS took place in 2022, in which the health information of prominent individuals was compromised.
The RCC has implemented just perimeter security with an entry level UTM and has no layered security with DiD strategy. It is understood that RCC does not even have an approved cyber security policy. Many cyber security experts cautioned against these security lapses, but the RCC ignored them.
Meanwhile, demanding a probe by the central agencies, cyber experts say the director of the RCC has a responsibility to communicate with patients and stakeholders regarding the cyberattack, particularly when it involves a significant data breach such as the theft of data from 20 lakh patients.