The hackers accessed the CCTV system using its default password “admin123.” Just one simple password was enough to unlock the entire system and steal private footage, exposing how weak digital security can lead to massive privacy breaches across hospitals.
According to police, the hospital’s unprotected CCTV system became the hackers’ entry point, allowing them to earn huge profits. From January to December 2024, the hackers gained access to CCTV systems across India, stealing nearly 50,000 video clips from hospitals, schools, factories, and even private homes.
Also read- E-SIM scam: Mumbai doctor loses Rs 10.5 lakh to cyber fraudsters
Medical Dialogues had earlier reported that in a disturbing incident, at least seven shocking CCTV videos of pregnant women patients being examined by doctors inside a private hospital in Rajkot were allegedly leaked on Telegram and YouTube. The videos, which have raised serious concerns, prompted the Gujarat police to launch an investigation into the matter. A probe was launched after videos of women patients being examined by doctors inside a hospital were circulated on Telegram and YouTube, a Gujarat police official said.
Following this, the police arrested the hackers in February 2025. Although the accused were arrested, police found that the stolen clips continued to circulate in Telegram groups until at least June.
The main accused, Parit Dhameliya, a BCom graduate, used three different software tools to carry out the hack. Another accused, Rohit Sisodiya, who had a diploma in medical laboratory technology, was caught in Delhi. He used a remote viewing tool with stolen login details to get unauthorised access to hospital cameras.
The disturbing scam came to light when short teaser videos from the Rajkot hospital appeared on YouTube channels like “Megha Mbbs” and “cp monda.” The customers were then directed to Telegram groups where full videos were sold for ₹700 to ₹4,000 each.
During the investigation, the police found about 80 CCTV dashboards compromised nationwide, including in Pune, Mumbai, Nashik, Surat, Ahmedabad, and Delhi. The victims ranged across 20 states, spanning hospitals, schools, corporate houses, cinema halls, factories, and even private residences.
An Ahmedabad cybercrime branch officer told TOI, "The primary method used was a 'brute force attack' (hackers using a program or bot to try every possible combination of letters and numbers for a lock)."
Also read- Pharma Employee Falls Victim to Telegram Work-from-Home Scam, Loses Over Rs 9 Lakh
Disclaimer: This website is primarily for healthcare professionals. The content here does not replace medical advice and should not be used as medical, diagnostic, endorsement, treatment, or prescription advice. Medical science evolves rapidly, and we strive to keep our information current. If you find any discrepancies, please contact us at corrections@medicaldialogues.in. Read our Correction Policy here. Nothing here should be used as a substitute for medical advice, diagnosis, or treatment. We do not endorse any healthcare advice that contradicts a physician's guidance. Use of this site is subject to our Terms of Use, Privacy Policy, and Advertisement Policy. For more details, read our Full Disclaimer here.
NOTE: Join us in combating medical misinformation. If you encounter a questionable health, medical, or medical education claim, email us at factcheck@medicaldialogues.in for evaluation.