A hospital privacy breach in Gujarat widened into a major cybercrime investigation after police traced viral clips of women patients in a Rajkot maternity hospital’s labour room to a larger network that allegedly hacked CCTV systems, sold footage online and routed payments through Telegram groups and digital channels.
The case began after a disturbing video surfaced on social media on February 17, 2025, showing a nurse administering an injection to a female patient in a private part of her body. Police traced the footage to a maternity hospital in Rajkot, around 220 km west of Ahmedabad. Over the next five months, investigators arrested eight men and booked them under provisions including cyber terrorism, after concluding that the hospital’s CCTV system had been hacked from outside and that the clips were being marketed online.
How the Hospital Footage Reached the Internet
Investigators began at the hospital itself, where the administration said it was shocked to learn that footage from the labour room was circulating online. The hospital administrator said a reporter approached them while staff were busy attending to a patient in labour and informed them that video from the hospital was being shown on the internet. By then, an FIR had already been registered by the Cybercrime Branch in Ahmedabad City.
The inquiry soon moved beyond a single clip. Police found that several videos taken from CCTV footage of women patients in labour rooms were being sold on closed Telegram groups, while shorter trailer like clips were advertised on YouTube for prospective buyers. Prices, according to the material in the screenshots, ranged from Rs 800 to Rs 2,000 depending on the nature of the content.
Hospital staff and patients were questioned for days, and CCTV footage was scanned for clues. According to the hospital administrator, investigators examined staff, took electronic gadgets and spoke to patients before concluding that the CCTV system had been hacked from outside the hospital. Police also said prima facie no hospital staff appeared to be involved.
Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference
Arrests Spread Across States as Probe Deepened
On February 18, 2025, the Ahmedabad City Cybercrime Branch found videos on three YouTube channels and wrote to Google seeking operator details. After receiving a response, police identified persons based in Maharashtra and Uttar Pradesh. Teams were sent to both states, leading to the first arrests.
At a press conference on February 19, Ahmedabad City Police Joint Commissioner Sharad Singhal, DCP Lavina Sinha and DCP Ajit Rajian said Prajwal Ashok Teli, 23, had been arrested in Latur, Maharashtra, Praj Rajendra Patil, 19, in Sangli, Maharashtra, and Chandraprakash Phoolchand, 33, in Prayagraj, Uttar Pradesh.
Police said the accused used virtual numbers to communicate with hackers in Romania and Atlanta in the United States. Investigators alleged that CCTV feeds from several hospitals, malls and commercial buildings had been hacked. The accused allegedly clipped videos of women patients while they were being examined, uploaded teaser snippets on YouTube and offered the footage for sale.
Police said the arrested men’s phones revealed contacts, videos, groups and financial transactions connected to the other accused. The investigation also uncovered 22 channels being run under a Telegram group called Megha Demos, where videos were categorised by kinks such as voyeurism and exhibitionism. Other groups named Demo CCTV, CCTV Injection Group, CCTV Demo Premium and CCTV Group were also found. Police estimated that the accused may have earned more than Rs 8 lakh before the racket was disrupted.
Further arrests followed. On February 23, police arrested Vaibhav Bhandu Mane, 24, of Sangli, Parit Ghanshyam Dhameliya, 36, of Surat, and Ryan Robin Pereira, 20, of Vasai in Maharashtra. On February 26, Delhi resident Rohit Sanjaykumar Sisodia, 27, was arrested. Police filed the first chargesheet against seven accused on May 17 before the 13th Additional Chief Judicial Magistrate at Gheekanta, Ahmedabad. An eighth accused, Tushar Anil Santramsingh Bhatia, 22, of Dehradun, Uttarakhand, was arrested on June 12.
Why Police Invoked Stronger Legal Provisions
The screenshots state that the first accused were initially booked under Sections 66E and 67 of the IT Act, dealing with violation of privacy and publication of obscene material. But officers in the Cybercrime Branch believed those provisions, which carry lower punishment, might not be sufficient given the seriousness and long lasting impact of the alleged crime on victims and their families.
At a meeting at the Cybercrime Branch headquarters in Shahibaug, officials debated how the legal case could be strengthened. On February 21, 2025, the investigating officer sought court permission to add Sections 61 and 77 of the Bharatiya Nyaya Sanhita, along with Sections 43(b), 66 and 66F(2) of the IT Act. The last of these, according to the screenshots, deals with cyber terrorism and carries a maximum punishment of life imprisonment.
The chargesheet describes a coordinated operation conducted through Telegram, where the accused allegedly exchanged hacking tools, shared CCTV access credentials and routed payments through UPI and gift vouchers. It states that Tushar and Parit were in touch through a Telegram group, exchanged information on CCTV hacking and hacking tools, made financial transactions and got payments into their bank accounts through UPI. The document also says QR codes for CCTV access were exchanged and that IP logs linked both men to the hospital DVR. Four CCTV hacking applications were allegedly found on Tushar’s mobile phone, while eight other hacking tools were found on his laptop.
The case, which began with a single viral clip from a labour room, has since evolved into one of the most unusual cybercrime prosecutions in Gujarat, exposing weak digital safeguards, the exploitation of hospital privacy and an alleged interstate network that turned hacked surveillance footage into an online trade.
About the author – Rehan Khan is a law student and legal journalist with a keen interest in cybercrime, digital fraud, and emerging technology laws. He writes on the intersection of law, cybersecurity, and online safety, focusing on developments that impact individuals and institutions in India.
