Pharmaceutical giant Alkem Laboratories has confirmed that a cybersecurity incident led to a fraudulent transfer of Rs 52 crore from one of its subsidiaries. While the company maintained the impact was minimal and confined to a specific incident, the disclosure raises concerns about vulnerabilities in India’s pharmaceutical sector to cyberattacks.
Without revealing the exact nature of the security breach, Alkem stated that fraudulent actors compromised the business email IDs of some employees at its subsidiary. Though the amount stolen wouldn’t trigger mandatory reporting thresholds as per company policy, the Board of Directors chose transparency, disclosing the incident to the stock exchanges.
“The report concluded that the impact didn’t extend beyond the mentioned amount,” said the company filing. “However, in the interest of transparency and good governance, the Board chose to report the incident.”
Alkem appointed an independent external agency to investigate the incident and filed complaints with relevant authorities. They emphasised that the fraud wasn’t linked to any internal misconduct by promoters, directors, or employees. Additionally, the company highlighted its recent partnership with Check Point Software Technologies, a cybersecurity solutions provider, to bolster its defenses against cyberattacks.
While Alkem emphasises the limited impact of the incident, the episode shines a light on the cybersecurity landscape of India’s pharmaceutical sector. These companies hold invaluable intellectual property and sensitive patient data, making them prime targets for cybercriminals. Alkem’s case serves as a cautionary tale, highlighting the need for robust cybersecurity measures and increased vigilance within the industry
