On 23rd November 2022, India's largest government hospital, AIIMS Delhi, found itself in the middle of one of the biggest cyberattacks in Indian healthcare history. Servers were encrypted, hospital operations froze, and the personal medical data of an estimated 40 million patients was compromised. For nearly two weeks, the hospital ran on paper. The attackers reportedly demanded around ₹200 crore in cryptocurrency.
If a similar incident were to happen today, the consequences would extend well beyond operational disruption. The hospital would now face statutory penalties of up to ₹250 crore — under India's new digital privacy regime.
