Pune: Biopharma Firm Hit by Ransomware Attack, Hacker Demands ₹68 Lakh
A biopharmaceutical company in Pune’s Hinjawadi has been targeted in a major ransomware attack, with cybercriminals demanding $80,000 (around ₹68 lakh) to unlock encrypted data. The Pimpri Chinchwad cyber police have registered a case under the Bharatiya Nyaya Sanhita (BNS) and the IT Act.
How the Attack Unfolded
The company received a threatening email on April 27, leading an executive to file a complaint on Monday. According to Police Sub-Inspector Sagar Poman, the hacker gained access by tricking an employee into opening a malicious email attachment. Once inside, the attacker breached all 15 company servers, copied sensitive data, encrypted files, and locked the firm out of its own systems.
The hacker imposed a three-day deadline for the ransom payment, threatening to destroy the data if decryption was attempted independently. Additionally, they warned of selling the stolen information on the dark web if the demand wasn’t met. The attack paralyzed operations for two days, prompting police to interview around 300 employees to trace the breach.
Experts Warn Against Paying Ransom
Rohan Nyayadish, director of Digital Task Force, confirmed the attack stemmed from outdated firewalls and poor cyber hygiene. He advised companies to conduct regular security audits, invest in cyber insurance, and avoid paying ransoms. “Cybercriminals often demand cryptocurrency, but compliance only fuels more attacks,” he said.
Cybercrime lawyer Gaurav Jachak called ransomware “digital extortion” and urged victims to report incidents immediately. He emphasized secure backups and employee training to prevent such breaches.
Ongoing Investigation
The Pimpri Chinchwad cyber cell is analyzing server logs and email trails with national agencies to track the hacker. The case highlights growing concerns over cybersecurity in India’s biotech sector, which handles critical research and client data.
