Mumbai: Pharmaceutical major Alkem Laboratories on Friday admitted to fraudulent transfers of Rs 5,200 crore from one of its subsidiaries due to a cybersecurity incident. Although the company claimed the impact was minimal and limited to specific incidents, the disclosure raised concerns about the vulnerability of India’s pharmaceutical sector to cyberattacks.
Emails were compromised, but the impact was limited?
Alkem did not disclose the exact nature of the security breach, but said fraudsters had compromised the business email IDs of some employees of its subsidiary. According to company policy, the amount stolen is not a criterion for reporting obligations, but the board chose transparency and disclosed the incident to the stock exchange.
Also read: Registration for “FutureCrime Summit 2024” is now open. Register now!
Click here to register
“The report concluded that the impact did not extend beyond the amounts mentioned,” the company’s filing states. “However, in the interest of transparency and good governance, the board has chosen to report this incident.”
Independent research and assurance
Alkem appointed an independent external body to investigate the incident and lodged a complaint with the relevant authorities. They stressed that the fraud was unrelated to any internal wrongdoing by the promoters, directors or employees. Additionally, the company highlighted its recent partnership with cybersecurity solutions provider Check Point Software Technologies to strengthen its defenses against cyber attacks.
Also read: FutureCrime Summit 2024: Call for nominations for the top awards in cybersecurity
A wake-up call for pharmaceutical cybersecurity
While Alchem stressed that the impact of the incident was limited, the episode sheds light on the cybersecurity situation in India’s pharmaceutical sector. These companies hold valuable intellectual property and sensitive patient data, making them prime targets for cybercrime. The Alkem case is a cautionary tale that highlights the need for robust cybersecurity measures and increased vigilance within the industry.
Also read: FutureCrime Summit 2024: Call for nominations for the top awards in cybersecurity
This incident raises several questions. What vulnerability allowed the attack? How widespread is this threat across the pharmaceutical industry? What steps are being taken to better protect sensitive data? Alkem By opting for transparency, perhaps this incident could spur broader discussion and proactive steps to protect India’s pharmaceutical industry from the growing threat of cybercrime.