The Delhi Police’s Intelligence Fusion and Strategic Operations unit on Sunday asked the Central Bureau of Investigation to get details from the Interpol about the IP addresses of emails from China and Hong Kong in connection with its inquiry into the cyberattack that crippled the servers of the All India Institute of Medical Sciences in the national capital, the Hindustan Times reported.

The Central Bureau of Investigation is India’s nodal agency for contact with Interpol.

On November 23, several departments at AIIMS were unable to log onto the e-hospital server to view patient reports. An inquiry by the National Informatics Centre found that the server which hosts the e-hospital database and the two servers which store laboratory data had been hacked and corrupted.

The cyberattack on the country’s premier healthcare institute not only compromised its patient database, which includes the health records of India’s top politicians, but also blocked access to its e-hospital server.

Last week, it had emerged that IP addresses of two emails, identified through the headers of files that were encrypted by the hackers, originated from China’s Henan province and Hong Kong, The Indian Express reported.

However, an unidentified official told the newspaper this does not necessarily mean the hackers are present there. “It could be a Chinese physical server or a virtual server,” he said.

Deputy Commissioner of Police (IFSO) Prashant Priya Gautam told the Hindustan Times the information they have sought from the Central Bureau of Investigation will help decode the matrix of the cyberattack and who was the chief hacker.

“We are also looking for information on whether those IP addresses were used by a company or by an individual, and about the companies providing internet there,” he added.

The Delhi Police registered a first information report under provisions of extortion and cyber terrorism November 25.