Granules India, a leading pharmaceutical company based in Hyderabad, has become the latest victim of a devastating cyberattack orchestrated by the notorious LockBit ransomware gang. Our researchers in iZOOlogic discovered this incident and believed that the vulnerability of even the most secure networks could have extensive adverse effects on the company’s operations and the wider healthcare industry.
The LockBit ransomware gang has taken responsibility for the recent cyberattack on Granules India, which unfolded on June 14, 2023. The group criticised the company’s cybersecurity practices, claiming that the pharmaceutical company is unaware of the importance of robust security measures and data protection.
LockBit’s pentest on the corporate network of Granules India revealed alleged critical vulnerabilities.
According to the cybercriminals, during a penetration test of the pharmaceutical giant’s corporate network, they discovered over ten critical vulnerabilities, all of which facilitated unauthorised access to the company’s highly sensitive corporate data.
LockBit provided evidence of their successful infiltration and encryption of Granules India’s corporate network. The cybercriminals have also made available for download a portion of the stolen data, constituting about 50% of the entire pilfered archive.
The remaining stolen archive and detailed information about vulnerabilities within Granules India’s corporate networks are offered to other malicious entities, revealing LockBit’s intent to monetise their illicit activities.
The implications of the cyberattack on Granules India have been further intensified with the disclosure of the specific types of stolen data now accessible for download on the cybercriminals’ data leak website.
Based on our research team’s analyses, the stolen information contains many critical documents vital to the company’s operations, such as excel reference documents and sheets, financial records, investor relations files, operational documents, quotations, taxation records, treasury information, and sensitive investor data.
This inventory of stolen information underscores the comprehensive nature of the attack and the potential consequences it may have on the company’s operations, financial stability, and relationships with stakeholders.
LockBit accused Granules India of blatant disregard for safeguarding the data of its employees, customers, partners, and investors. The adversaries have further cautioned all clients and partners against engaging or cooperating with Granules India.
The company now faces the tough task of recovering from the cyberattack and rebuilding trust within its ecosystem, highlighting the need for organisations to prioritise strong cybersecurity measures to avoid similar breaches and protect the vital interests of their stakeholders.