Cipla, the Indian pharmaceutical giant, has reportedly fallen victim to a cyberattack orchestrated by the Akira ransomware group. The hackers claim to have exfiltrated a staggering 70GB of sensitive data from the multinational company, which operates 47 manufacturing facilities globally and distributes its products across 86 countries.
The alleged breach has sent shockwaves through the pharmaceutical industry, raising serious concerns about data security and patient privacy. According to the Akira ransomware group’s claims, the stolen information includes a wide range of sensitive data:
- Personal medical records with prescribed medications
- Internal financial information
- Customer contacts, including phone numbers and email addresses
- Employee contact details
Akita shared news of the attack on its dark web portal, as reported on X, claiming it managed to steal 70GB of data from Cipla.
Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar
This incident occurs when the Akira ransomware group has been particularly active. Just last month, the group leaked information from 35 organizations in a single day, marking their largest data dump to date.
The unprecedented scale of that leak was believed to be part of an effort to showcase the group’s expanding operations following a period of relative inactivity.
Akira, which first emerged in the wild in Q1 2023, has quickly become one of the most prevalent ransomware enterprises, impacting over 350 organizations to date. T
The group is known for its sophisticated tactics, including using ChaCha2008 encryption and various distribution methods, such as infected email attachments and exploitation of VPN vulnerabilities.
The alleged Cipla breach aligns with Akira’s typical modus operandi. The group often employs a double extortion strategy, not only encrypting files but also exfiltrating data to pressure victims into paying ransoms.
This tactic allows them to threaten victims with both data loss and public exposure of sensitive information.
Cipla, with its vast global presence and critical role in the pharmaceutical supply chain, represents a high-value target for cybercriminals. The potential exposure of personal medical records and financial information could have far-reaching consequences for the company, its employees, and its customers.
As of now, Cipla has not publicly confirmed the breach or commented on the ransomware group’s claims. However, if verified, this incident would underscore the urgent need for enhanced cybersecurity measures in the healthcare and pharmaceutical sectors.
Experts advise organizations to implement robust ransomware prevention strategies, including regular security audits, employee training, and advanced endpoint protection solutions. As ransomware attacks continue to evolve and target critical industries, the importance of proactive cybersecurity measures cannot be overstated.
Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses