Pune Biopharma Firm Paralyzed by Ransomware Attack; $80,000 Demanded

An alarming cyberattack on a Hinjawadi-based pharmaceutical company underscores the rising threat of ransomware against India’s growing biotech sector.

In a recent high-impact ransomware incident, a reputed biopharmaceutical company in Pune’s Hinjawadi IT hub has fallen victim to a crippling cyberattack. The attackers have demanded a ransom of $80,000 (₹68 lakh) in exchange for unlocking sensitive encrypted data, effectively halting the firm's operations for over 48 hours.

Cybercrime authorities are actively investigating the breach, while the company grapples with the operational fallout and potential data exposure.

  • The attack was triggered by a malicious email, which granted the hacker access to the company’s internal systems.
  • All 15 servers of the organization were compromised, with confidential data exfiltrated and locked using encryption.
  • The attacker issued multiple email threats, demanding payment within 72 hours and warning against data recovery attempts.
  • Police registered a case under Section 308 of the Bharatiya Nyaya Sanhita (BNS) along with IT Act Sections 43, 66, and 72.
  • Investigators are preparing to record statements from nearly 300 affected employees.
  • Rohan Nyayadish, Director of Digital Task Force, emphasized the need for cybersecurity audits and adherence to central security mandates from April 1, 2025.
  • Experts strongly discourage ransom payments, citing risks of untraceable cryptocurrency demands and further extortion.
  • The attack has once again highlighted the lack of updated firewalls and endpoint security in many corporate setups.

This incident is a stark reminder that ransomware is no longer a distant threat — it’s happening now, in our cities, targeting real businesses with real consequences. Organizations must prioritize cybersecurity, implement endpoint protection solutions like Net Protector Cyber Security, conduct regular vulnerability assessments, and stay vigilant against phishing attempts. Prevention, not ransom payments, remains the most effective defense.