The PHI is is an essential web platform offered by IIIT Delhi that serves bioinformatics, health informatics, and genomics communities.
A data breach at the Portal for Health Informatics (PHI) of IIIT Delhi was detected recently, which included 10,842 emails from 6,500 domains, internal healthcare files, and user details.
CloudSEK’s XVigil detected the breach on July 25 and found that a threat actor named “UsNsA” shared the sensitive data on a cybercrime forum. The breach resulted from a SQL injection vulnerability.
However, IIIT Delhi told CNBC-TV18 that the though the said data sets are available on the website, they do not contain any personal information.
“The platform in question is specifically designed to host non-sensitive, openly available datasets that can be used by researchers for further research purposes only. It does not contain any personal data, including emails, user details, or sensitive healthcare files,” a statement from the institute read.
UsNsA has a history of sharing databases from other countries. The impact could lead to infrastructure access, account takeovers, and ransomware attacks.
The PHI is an essential web platform offered by IIIT Delhi that serves bioinformatics, health informatics, and genomics communities.
By offering servers, databases, and scientific computation tools in the healthcare sector. PHI assists biologists in the production of vaccines and pharmaceuticals.
First Published: Jul 31, 2023 8:15 PM IST