Cyber attack on MGM Hospital
Thereafter, the hospital lodged a complaint with the cyber crime cell and a case was filed under the IT Act.
Mumbai: Vashi’s trust-run MGM Hospital has become the victim of a ransomware attack, according to police. An unidentified hacker locked the data in the hospital's computer system and sent a web link, demanding ransom in bitcoins to unlock it, according to the hospital’s administration. Thereafter, the hospital lodged a complaint with the cyber crime cell and a case was filed under the IT Act.
According to a senior cyber cell officer, the hospital lost 15 days’ data related to billing and patients’ history. The police is trying to retrieve the data and ascertain how security was breached.
According to Vashi police, the message did not mention any amount, but sought payment in bitcoins. Ramnath Parmeshwaram, system coordinator of the hospital, filed a case under the IT Act with the Vashi police. After the ransomware attack, the Vashi police checked all Internet Protocol (IP) addresses to find out the attack source.
“Around Sunday night, there was a problem in our system. We thought the system had got hanged and we could not judge the severity,” P. K. Shashanker, administrator of the hospital, said.
He said, “After that, a message popped up in our system, saying it had been hacked and we should contact the culprits to retrieve our data. They provided an email address, but we filed an FIR. Our technical team is working on retrieving the data. The hospital has not faced any financial loss.”
A similar case was reported in Kharghar on July 4. Hotel Three Star fell victim to ransomware and received a message seeking $400 and 0.06 bitcoins. The hotel’s system was hacked by https://t.me/ruberfiles and around 80 GB data was lost. A case of extortion and under the IT Act has been registered.
DCP, crime branch, cyber cell, Vashi police, Tushar Doshi, said, “The hackers are either different people or the same person operating in two different ways. In the Kharghar case, the link directed to a Telegram account and there was a ransom demanded, while in the Vashi case the miscreant has used an AOL account and did not specify the amount. However, he demanded the ransom in bitcoins.”
He added, “May be some hospital staff clicked an erroneous link, leading to the culprits. We are investigating all angles.”
MGM Hospital’s management system co-ordinator lodged a complaint with the cyber crime cell and an FIR under IT Act’s sections 43 (penalty and compensation for damage to computer system) and 66 (computer-related offences done dishonestly or fraudulently) was registered with the Vashi police station.