Tharoor raises AIIMS cyber attack in Lok Sabha, demands urgent measures
Shashi Tharoor demanded the Centre’s response to the recent cyber attacks on the servers of the All India Institute of Medical Sciences (AIIMS) in Delhi and called for a thorough investigation into the matter
Drawing attention to the alleged “weak data protection safeguards” in India, Congress member of Parliament (MP) Shashi Tharoor on Monday demanded the Centre’s response to the recent cyber attacks on the servers of the All India Institute of Medical Sciences (AIIMS) in Delhi and called for a thorough investigation into the matter.

Also Read | 'Is there a context?': Shashi Tharoor after spotting ‘sad superheroes of Kerala’
“The cyber attacks on the IT servers of AIIMS Delhi resulted in data losses which impeded its normal operations, including patient registration, consultation booking and availability of medical records. The origin, intent and extent of the attacks remain unclear, and I trust that the government recognising this as a matter of public importance will take the House into confidence with this and the measures are taken to prevent a recurrence,” Tharoor said in the Lok Sabha.
On November 23, a breach was detected in AIIMS Delhi’s IT servers, shortly after which the hospital’s patient management system was paralysed. AIIMS Delhi confirmed that a cyber attack had taken place following which a case of extortion and cyber terrorism was registered by the Intelligence Fusion and Strategic Operations unit of the Delhi police on November 25.
Also Read | What Shashi Tharoor said after NCP leader's 'warm invite' to party
Till December 1, 2022, AIIMS servers were inaccessible to patients. A few days later, AIIMS noted that e-hospital data had been restored.
“While the possibility of this being a hostile cross-border attack is a great concern which calls for a thorough investigation and tough response, it also reflects the weak data protection safeguards in our country, especially by government institutions,” Tharoor added.
Along with Tharoor, Rajya Sabha member Ranjeet Ranjan termed the cyber attack on AIIMS as an issue related to the country’s security and sought an explanation from the Centre. Ranjan referred to a March 2021 report by the cyber-security company Cyfirma which raised caution about cyberattacks against Indian pharma companies.
Bringing up concerns over the withdrawal of The Personal Data Protection Bill, 2019, Tharoor noted, “The Personal Data Protection Bill, 2019, had created a special category of sensitive personal data, including health data, that required stringent safeguards, but this has unfortunately been done away within the new draft bill released by the government.”
On November 18, the Centre floated the most recent draft bill of the data protection law, the Digital Personal Data Protection Bill, 2022 and invited feedback from the public till December 17, 2022.
The draft bill follows the now-withdrawn Personal Data Protection Bill which had appealed for restrictions on the use of personal data without the explicit consent of citizens. The Bill sought to empower the Centre with powers to provide exemptions to its probe agencies from the provisions of the Act, a move that led to fierce criticism from the Opposition.
While withdrawing the Bill, IT minister Ashwini Vaishnaw noted that the government would introduce a new set of legislations for a comprehensive legal framework for the digital economy.
Demanding urgent measures from the IT minister, Tharoor said, “I urge the minister to take necessary measures to ensure that sensitive data of our citizens are adequately protected and to avoid such situations in the future.”

E-Paper

