In a recent development, pharmaceutical giant Alkem Laboratories acknowledged a cybersecurity incident resulting in a fraudulent transfer of Rs 52 crore from one of its subsidiaries. While the company asserts that the impact is limited to this specific incident, the breach underscores concerns regarding cyber vulnerabilities within India’s pharmaceutical sector.
Alkem confirmed that fraudulent actors compromised business email IDs of certain employees at its subsidiary, leading to the unauthorized transfer. Although the stolen amount doesn’t trigger mandatory reporting thresholds as per company policy, Alkem’s Board of Directors opted for transparency, promptly disclosing the incident to stock exchanges.
The company’s filing stated, “The report concluded that the impact didn’t extend beyond the mentioned amount. However, in the interest of transparency and good governance, the Board chose to report the incident.”
Alkem has initiated an external investigation through an independent agency and filed complaints with relevant authorities. Notably, the company clarified that the fraud is unrelated to any internal misconduct by promoters, directors, or employees. Highlighting their commitment to cybersecurity, Alkem mentioned a recent partnership with Check Point Software Technologies, a cybersecurity solutions provider, to enhance defenses against cyber threats.
While Alkem emphasizes the incident’s limited impact, it brings attention to the broader cybersecurity landscape in India’s pharmaceutical sector. The industry, housing valuable intellectual property and sensitive patient data, remains a prime target for cybercriminals. Alkem’s case serves as a cautionary tale, prompting discussions on vulnerabilities, the extent of the threat across the sector, and measures to fortify cybersecurity. This incident may catalyze proactive steps to safeguard India’s pharmaceutical sector from the growing menace of cybercrime.
