Alkem Laboratories, a major pharmaceutical company, acknowledged a cybersecurity incident that resulted in a fraudulent transfer of $6.2M from one of its subsidiaries. Despite asserting minimal impact and containment to a specific incident, the disclosure highlights potential vulnerabilities in India’s pharmaceutical sector to cyberattacks. The breach involved compromising the business email IDs of some employees at the subsidiary, though the exact details of the security breach were not disclosed by Alkem. Despite the stolen amount not triggering mandatory reporting thresholds, the company’s Board of Directors opted for transparency, disclosing the incident to stock exchanges.
In response to the cybersecurity breach, Alkem Laboratories appointed an independent external agency to investigate the incident and lodged complaints with relevant authorities. The company clarified that the fraud was not connected to any internal misconduct involving promoters, directors, or employees. Emphasizing transparency and good governance, Alkem chose to report the incident despite the limited impact mentioned in the disclosure. Additionally, the company reassured stakeholders by highlighting its recent collaboration with Check Point Software Technologies, a cybersecurity solutions provider, aimed at fortifying its defenses against cyber threats.
The report concluded that the impact of the cybersecurity incident did not extend beyond the mentioned amount, as stated by the company filing. While the stolen funds may not have triggered mandatory reporting thresholds, the disclosure underscores the growing concerns about cybersecurity resilience in critical sectors like pharmaceuticals. The incident serves as a reminder of the need for robust cybersecurity measures and heightened vigilance within the pharmaceutical industry to safeguard against potential cyber threats.
