Chennai: Following the hack on AIIMS, the personal information of 1.5 lakh patients at a hospital in Tamil Nadu named Tirupur has been made available for purchase online. The information has been made available online through Telegram channels and certain cybercrime forums, claims Singapore-based CloudSEK, a contextual AI startup that forecasts cyberthreats.
According to a research by CloudSEK, patient data put available for sale between 2007 and 2011 came from a database of the Sree Saran Medical Centre and included information such birth dates, residences, guardian’s names, and doctor’s details. However, according to hospital president Dr. Palanisamy, no patient medical information was compromised. The facility has new database software and a new service provider.
‘No electronic health records are kept at the facility. Our service was supplied for a year by Three Cube IT Lab. Although we migrated to a different firm four years ago, we used their software to develop our database’, said Palanisamy. Rahul Sasi, the founder of CloudSEK, claims that no evidence has been uncovered yet indicating if data from a time period after that has also been stolen.
The intrusion was discovered after the business saw, on November 22, a post in a forum for cybercriminals, ‘promoting sensitive information of patients purportedly supplied from Chennai-based Three Cube IT Lab India’. According to a ToI report, the personal data was marketed for $100 (indicating that many copies of the database would be sold), was raised to $300 for hackers wishing to be the database’s sole owner, and was priced at $400 if the owner intended to resell the information.
CloudSEK’s researchers used the names of doctors from a database to identify the hospital affected. This is the second incident of hacking in the healthcare sector in India in less than a week. ‘Indian healthcare has the second largest threat of cyberattack after the US,’ says CloudSEK founder Sasi.
1.9 million cyberattacks target the Indian healthcare industry!
According to information released by cybersecurity think tank CyberPeace Foundation and Autobot Infosec Private Ltd. this year through November 28, the country’s healthcare sector saw 1.9 million intrusions. The assaults originated from a total of 41,181 distinct IP addresses, which might be linked to China, Pakistan, and Vietnam.
Post Your Comments