Alkem Laboratories reports fraudulent transfer of Rs 52 cr due 'cybersecurity incident'

In its filing to the exchanges, the company mentioned that the security breach involved compromising the business email IDs of specific employees at one of its subsidiaries, without providing extensive details on the incident.

According to the filing, the amount involved "did not cross the quantitative thresholds of materialty as per the Company's Policy on Determination of Materiality of Events or Information".

Alkem Laboratories engaged an external agency independently to investigate the incident.

The investigating agency later presented its findings to the Board of Directors, who recommended disclosing the cybersecurity incident to the exchanges to ensure complete transparency.

"Whilst, the report concluded that the impact of the incident did not extend beyond the above-mentioned amounts, the Board of Directors at its meeting held today i.e. 12th January, 2024, decided that in the interest of transparency and as a matter of good governance, this cyber security incident should be reported to the stock exchanges," informed the filing.

"The incident did not occur due to any fraudulent act on the part of any of the promoters, directors, key managerial personnel or any member of the senior management or any other employee of the Company or its subsidiary. Further, the Company has taken all necessary steps and filed necessary complaints with concerned governmental and regulatory authorities in this matter," it added.

In November 2023, Alkem Laboratories entered into a partnership with Check Point Software Technologies, a cybersecurity solutions company listed on Nasdaq, to safeguard its pharmaceutical facilities from potential cyber-attacks.

On its website, Check Point noted that after Alkem deployed Check Point Harmony Email to protect their employees' inboxes, the company “observed a significant reduction in phishing emails--from 50 daily reports to zero.”

While, in a joint statement from Bijender Mishra, Global Chief Information Security Officer, Alkem Laboratories and Check Point Software Technologies said that “Last year, Alkem Labs encountered a cyber breach involving fraudulent email IDs of select employees at one of its subsidiaries. This foreign subsidiary was operating independently outside the corporate systems, which at the time was not leveraging Check Point’s security solutions.”

As a responsible corporate entity, Alkem Labs fully disclosed this minor breach to the Securities and Exchange Board of India. Following this breach, Alkem Labs quickly resumed normal business operations with minimal impact to the entire organization, said the statement.

 The statement added that “taking proactive measures to bolster their cybersecurity after this fraudulent breach, Check Point Software Technologies were engaged quickly to extend the same fortified security infrastructure, present in the Alkem Labs corporate structure across to the entire Alkem Labs subsidiaries both domestic and internationally, particularly focusing on networks and emails.”