In a recent development, Alkem Laboratories reported a cyber-security incident that resulted in the unauthorised transfer of funds amounting to Rs 52 Crore. The breach occurred when certain employees’ business email IDs were compromised in one of the company’s subsidiaries. Alkem Laboratories asserts that, according to its policy on materiality, the transferred amount did not surpass specified thresholds.
To investigate the incident, the company enlisted the expertise of an external agency, whose findings were submitted to the Board of Directors. This disclosure has sparked concerns regarding the company’s internal procedures and association with cyber-security provider Check Point.
Alkem Laboratories, however, emphasises that the incident did not involve any fraudulent activities by the promoters, directors, key managerial personnel, or any member of the senior management or employees. The company has taken necessary steps and filed complaints with relevant governmental and regulatory authorities.
While downplaying the incident’s significance, Alkem Laboratories highlights the vulnerability of the pharmaceutical sector in India, given its invaluable intellectual property and sensitive patient data, making it an attractive target for cybercriminals. This incident serves as a cautionary tale, emphasising the need for robust cybersecurity measures and increased vigilance within the industry.
Alkem Laboratories partnered with Check Point Software Technology Ltd, a Nasdaq-listed cybersecurity solution provider, in November 2023—the security infrastructure integration aimed to protect 23 manufacturing facilities across India and the USA. Bijender Mishra, Alkem Laboratories’ Global Chief Information Security Officer, noted that companies must future-proof their security infrastructure in the evolving threat landscape.
Following the cybersecurity incident, a joint statement by Mr Mishra and Check Point emphasised that –
“Last year, Alkem Labs encountered a cyber breach involving fraudulent email IDs of select employees at one of its subsidiaries. This foreign subsidiary was operating independently outside the corporate systems, which was not leveraging Check Point’s security solutions at the time.
Alkem Labs fully disclosed this minor breach to the Securities and Exchange Board of India -SEBI as a responsible corporate entity. Following this breach, Alkem Labs quickly resumed normal business operations with minimal impact on the entire organisation.
Taking proactive measures to bolster their cybersecurity after this fraudulent breach, Check Point Software Technologies was engaged quickly to extend the same fortified security infrastructure present in the Alkem Labs corporate structure across to the entire Alkem Labs subsidiaries, both domestic and internationally, mainly focusing on networks and emails.”
This is first reported in Moneylife.