Russia-backed ransomware gang LockBit has listed Indian pharmaceutical company Granules India on its dark web leak site as of Wednesday. The group also published several of the data allegedly stolen in the attack.
Granules India reported a ‘cybersecurity’ incident in a stock exchange filing on May 25, stating that affected IT assets were isolated at once and that the company is prioritising investigating the matter. “Appropriate containment and remediation actions” were also reportedly taken to address the incident.
However, nothing about the nature of the attack itself was disclosed. Granules India is also yet to confirm this particular attack, so there’s a chance that the cybersecurity incident it reported in May might as well be LockBit’s ransomware attack. And if it’s not, a second breach in two months certainly doesn’t look good on the company’s resume.
LockBit has risen to the front of the ransomware world and has become one of the most notorious ransomware gangs in 2022 and 2023 so far. The gang has attacked victims both big and small, including companies like Accenture, Foxconn, Royal Mail, SpaceX, financial technology firm Ion and the Papercut server hacks to name a few. The FBI reported in an advisory released June 14 that in the US alone, LockBit has attacked nearly 1,700 victims, extorting approximately $91 million in ransoms since 2020.
The cybersecurity event disclosure in May tanked the company’s shares by 2%. Still, Granules India has since reported a 7.8% rise in quarterly profit to $14.6 million for the quarter ending March 31. The share prices have increased from ₹273.50 at the time of disclosure in May to ₹294.95 at the time of writing.