News APP

NewsApp (Free)

Read news as it happens
Download NewsApp

Available on  gplay  » News » Records of 320,000 patients on AYUSH Jharkhand hacked

Records of 320,000 patients on AYUSH Jharkhand hacked

By Sourabh Lele
September 05, 2023 15:10 IST
Get Rediff News in your Inbox:

CloudSEK in its report also warned that the leaked data could enable account takeovers.

IMAGE: Kindly note that this image has been posted for representational purposes only. Photograph: Reuters

Cyber threat analysis company CloudSEK on Monday reported that personally identifiable information (PII) and medical diagnoses of over 320,000 patients, along with sensitive data about doctors, were found to have been leaked on the dark web from the ministry of AYUSH website for Jharkhand.

The breach was initiated by a threat actor who goes by the name ‘Tanaka’, and the compromised data included sensitive information about doctors, such as their PII, login credentials, usernames, passwords, and phone numbers. Information about 500 login credentials, some in cleartext (unencrypted form), was exposed on the dark web.

The website for Jharkhand is designed and developed by Bitsphere Infosystem, an information technology services firm based in Ranchi. The threat actor shared a post titled ‘’ on an English-speaking hacking forum, CloudSEK said in a report.


Email queries sent to officials of the AYUSH ministry, the office of the director at AYUSH Jharkhand, and Bitsphere Infosystem remained unanswered at the time of going to press.

The ministry of AYUSH website for Jharkhand serves as a critical resource providing information about ayurveda, yoga, naturopathy, unani, siddha, and homeopathy treatments. It connects patients to doctors working in these medical disciplines and is also used for education and research in these fields.

Although the database is relatively small, at around 7.3 megabytes in size, it contains over 320,000 patient records, including their PII information and medical diagnoses. It also contains contact information for 737 people who used the ‘contact us’ form on the website, as well as 472 records containing PII information of doctors. The database also contains PII information for 91 doctors, along with information about where they are posted.

The link between the compromised data and AYUSH Jharkhand’s website was established by cross-referencing chatbot and blogpost data shared by the threat actor with publicly accessible data on the website.

CloudSEK’s contextual artificial intelligence digital risk platform, XVigil, was used to identify the source of the leaked data.

“CloudSEK researchers found a deeply concerning data breach that has far-reaching implications for patient and doctor confidentiality. The breach raises serious concerns about the digital security of health care data,” the analytic platform said.

In its report, CloudSEK also warned that the leaked data could enable account takeovers, as commonly used or weak passwords could lead to ‘brute force’ attacks. It would equip malicious actors with the details required to launch sophisticated phishing attacks.

‘Brute force’ refers to attacks that use trial and error to guess login credentials or encryption keys.

Breach of health care databases may have severe implications as it includes sensitive data such as reproductive, sexual, and mental health data. This new report comes months after a Telegram bot was allegedly found leaking personal data collected by the government’s CoWin portal.

Last year, the servers of the All India Institute of Medical Sciences in New Delhi were infiltrated in a cyberattack, paralysing its operations.

Dark side of the web

  • Around 500 login credentials, some unencrypted, allegedly exposed
  • Breach also includes 472 records containing personal information of doctors
  • Contact information of 737 people who used ‘Contact Us’ form may have leaked
  • The leaked info may increase account takeovers and phishing attacks, among other threats
Get Rediff News in your Inbox:
Sourabh Lele in New Delhi
Source: source
India Votes 2024

India Votes 2024