Lucknow: In a significant breach of Uttar Pradesh’s emergency health infrastructure, the messaging centre of EMRI Green Health Services, which operates the State’s 108 and 102 ambulance services, was hit by a cyberattack that stalled operations for several hours. The disruption affected the routing of emergency calls, leaving several patients struggling to get timely assistance.
The outage began on Thursday evening and continued into Friday, forcing call-centre teams to manage incoming calls manually while automated message forwarding to field ambulances remained non-functional. Initial technical reviews suggest the incident was not a routine system failure but a deliberate hacking attempt. A formal police complaint has been lodged at Ashiyana police station.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Server Failure Reported at 5 p.m. on November 19
Raj Kamal Rai, HR Head of EMRI Green Health Services, said the problem surfaced around 5 p.m. on November 19, when the Case Assignment Message Centre suddenly stopped functioning. This centre forms the backbone of the emergency response system, transmitting call-centre alerts to on-ground ambulance teams.
According to Rai, the disruption crippled the automated case-assignment cycle. “The calls kept coming, but the assignment mechanism collapsed. Without the messaging channel, ambulances cannot be dispatched promptly,” he said.
Rai alleged that the cyberattack may have been executed via Alive Mobile Pvt. Ltd., adding that the company had earlier experienced unauthorised use of its authorised signatory’s credentials for tampering with SMS services.
Sabotage Angle Probed
The organisation has accused a competing private operator of intentionally disrupting government ambulance operations. The complaint filed with police alleges that the messaging system was targeted to destabilise public emergency services and pressure the official service provider.
Rai said the pattern of interference points clearly to external sabotage. “This was a calculated hit to bring the system down. The objective was to cause operational paralysis at a critical node,” he added.
FIR Registered Under IT Act; Forensic Audit Begins
Ashiyana police confirmed that an FIR has been lodged under relevant provisions of the IT Act, and a detailed cyber-forensic investigation has begun.
Investigators are analyzing server logs, unusual login attempts, IP traces, and technical behaviour of the SMS gateway. Preliminary findings indicate that the attack originated from an external network and may have involved manual manipulation or forced overload of the server, rather than a natural system glitch.
Police officials said the probe would also examine whether insiders or contracted service providers had any role in facilitating the breach.
Emergency Services Hit Across Multiple Districts
The cyberattack had a direct impact on public health response:
- Several emergency callers had to dial repeatedly for assistance.
- Message forwarding to ambulances in the field was delayed or completely blocked.
- Availability checks for vehicles malfunctioned across multiple districts.
- Response times increased sharply, affecting critical cases.
Health department officials termed the incident a serious cybersecurity failure in a life-saving public system. “Emergency response cannot afford even minutes of delay. Such gaps pose direct risk to citizens,” an official said.
Security Measures Strengthened After the Breach
Following the incident, EMRI Green Health Services has begun strengthening digital safeguards. The measures include:
- Reconfiguration of the messaging and routing systems
- A comprehensive review of access permissions
- Rollout of multi-factor authentication
- Deployment of cybersecurity teams for real-time monitoring
Government authorities have asked for a detailed incident report and directed the organization to implement long-term cybersecurity upgrades.
Conclusion
The cyberattack on Lucknow’s ambulance network has exposed critical vulnerabilities in the State’s emergency medical infrastructure. With investigations underway and enhanced safeguards being introduced, authorities hope to prevent similar disruptions in the future. The episode underscores the urgent need for resilient cybersecurity standards in essential public services.
