The website of the Delhi State Health Mission (dshm.delhi.gov.in) has been taken down temporarily on Sunday after a group of hackers exposed its vulnerability. They hacked the website and accessed personal data of more than 80,000 COVID-19 patients in Delhi.
A senior police officer with the cybercrime cell said they had not received any police compliant so far.
Personal data of more than 80,000 corona positive patients, cured and active, in Delhi could potentially be at risk as a result of hacking. The group has, however, claimed that it merely wanted to highlight the vulnerability of the data system through hacking.
The Kerala Cyber Hackers group, in a social media post on Saturday night, claimed that it has hacked the Delhi government’s ‘Delhi State Health Mission’ website and accessed the data of all corona patients. The group took the responsibility and claimed that the unsatisfactory approach of the Delhi government towards health care personnel is the reason.
“We are not satisfied with the Delhi government’s approach towards the healthcare personnel … Thus, to show our protest, we were on an errand to obliterate “Delhi State Health Mission” (dshm.delhi.gov.in) website. Gaining access to their server took us lesser than 10 minutes. We were appalled to witness sensitive data stored in these servers without any security. The accessed data contain COVID-19 patients’ name, address, phone number, COVID-19 test result, quarantine surveillance data, airport data, passport details, hospital data, etc. The government needs to be very careful and take every possible security measures to protect the personal information of citizens…” read the post.
‘Can manipulate data’
“This is the server that is used by the Delhi government to investigate, report, and track the COVID-19 situation in Delhi. A hacker can edit, manipulate as well as misuse these data to make profits. The consequences can be the downfall of the entire Indian security. For instance, manipulating these data will cause miscalculations, and inaccuracy in tracking COVID-19,” the post reads.
To prove their access to the records of COVID-19 patients, the group has further released screenshots and pictures of them gaining access into the central data centre of the Delhi government and showing the list of patients.