Tamil Nadu hospital suffers cyber attack; patient data sold online
Tamil Nadu-based multispeciality hospital—Sree Saran Medical Center (SSMC)—has been the latest target of a cyber attack in India, India Today reported. The stolen data from the institute was later put on sale online by hackers. The attack was confirmed by CloudSEK, a firm that predicts cyber threats, saying the sensitive data includes the personal data of 1.5 lakh patients sourced from a "compromised" vendor.
Why does this story matter?
Cyber-attacks and data breaches are becoming more common in India. According to Surfshark, a cybersecurity firm, the country is currently ranked sixth in the number of data breaches. Attacks on high-profile institutions, such as AIIMS Delhi, Cleartrip, SEBI, and SpiceJet, have increased this year. SSMC is the most recent addition to this list however, it's unknown who carried out the attack.
Sensitive hospital data 'stolen' from a third-party service provider
According to reports, CloudSEK claimed that patient data from between 2007 and 2011 of Sree Saran Medical Centre in on sale by a threat actor. The firm reportedly found the data breach on November 22, 2022, after it saw a post that advertised the sale of sensitive data sourced from Three Cube IT Lab India-a Chennai-based third-party consulting services vendor.
Attack is a supply chain attack: CloudSEK
"We can term this incident as a Supply Chain Attack, since the IT Vendor of the Hospital, Three Cube IT Lab, was targeted first," said Noel Varghese, CloudSEK's Threat Analyst. "Using the access to the vendor's systems as an initial foothold, the threat actor was able to exfiltrate Personally identifiable information (PII) and Protected Health Information (PHI) of their hospital clients," he said.
Personal information of patients put on sale on dark web
According to TOI, the seller displayed data records from 2007 to 2011 as sample proof to interested purchasers online. The data set of 1.5 lakh records of patients' information contains their name, guardian name, date of birth, doctor's details, and address information, it said. The data has been made available for purchase on well-known forums for cybercrime as well as a Telegram channel.
Database on sale for up to $400
The database is available for purchase for $100 (Rs. 8,100), indicating that many copies will be sold. The cost is $300 for those desiring exclusive ownership (Rs. 24,300). The database's price, if the owner chooses to resell it, is $400. (Rs. 32,531).
Cyberattack that stunned AIIMS Delhi
Last week, life has come to a standstill at India's premier hospital, All India Institute of Medical Sciences (AIIMS), Delhi. Reports said the institute was without internet, and everything was done manually due to a cyberattack on November 23. Some experts believe that Ransomware is behind this first major cyberattack on any medical database in India.
