Aurobindo Pharma Data Leak

Aurobindo Pharma, an Indian pharmaceutical company based in Hyderabad, has some of its employees’ sensitive data leaked by a ransomware group. We have spotted this dump in a dark web leak site of the Clop ransomware group, which has hit similar other high-profile companies earlier. While there are many files put up for free download, samples mentioned by the threat actor show the passport details and offer letters of some employees.

Over 170GB of Aurobindo Pharma Data Leaked

Aurobindo Pharma Limited, a public trading company and a constituent of India’s Nifty Pharma Index, is involved in six major areas: antibiotics, antiretrovirals, cardiovascular products, and central nervous system products gastroenterological, and anti-allergics. It markets these products to over 125 countries by itself and some high-profile partners like AstraZeneca and Pfizer.

Since last year’s ransomware groups are actively targeting sensitive organizations like hospitals, medical centers, etc., institutions researching and manufacturing COVID-19 vaccines are also a lucrative bet. Thus, Aurobindo Pharma is a reasonable hit. With a revenue of $3.3 billion in 2020, hackers targeting Aurobindo Pharma, if successful, could make significant profits.

And this may have happened, as we spotted a data dump belonging to Aurobindo Pharma in a ransomware group’s data leak site on the dark web. The threat actors behind this are identified to be the Clop ransomware, which has previously hit companies like Symrise, Software AG, Bombardier, and an educational institution – University of California.

Inquiry email sent to Aurobindo Pharma seeking acknowledgement return this response.
Inquiry email sent to Aurobindo Pharma seeking acknowledgment returned this response.

Details on how the data was stolen/leaked from Aurobindo Pharma are unknown yet, as an email sent to the company’s inquiry address seeking more information on this failed. Yet, we have tried verifying the leaked data samples and found them to be true. Images shared by the ransomware group show the offer letter of an employee at Aurobindo Pharma’s USA branch.

Offer letter to an employee in Aurobindo Pharma’s US branch

Further, a couple of passport images leaked belonging to the employees working in US subsidiaries of Aurobindo Pharma.

Highly redacted passport image of Indian employee working at Aurobindo Pharma’s US branch

 

Other sample images shared include the internal workplace photos, certificate of analysis, and product complaint sheets. The data is amounted to over 170GB, released in over 240 downloadable files.

LEAVE A REPLY

Please enter your comment!
Please enter your name here