A successful data breach at Dr Reddy’s, a well-known pharmaceutical company, caused a total shutdown of multiple laboratories and plants. This data breach at Dr Reddy’s took place soon after a trial approval of the Russian Covid-19 vaccine. In our previous blog on the top companies targeted for email spoofing, we discussed how the current happenings and social stressors are being exploited to carry out more cyber attacks. This security breach is further proof. With the whole world clamouring for a vaccine for Covid-19, pharma labs all over the world have gone into overdrive, constantly testing and researching ways to beat the virus. Cyber security companies like ours almost expected security concerns to blow up during this period.
Increasing cyber awareness has become vital, and that’s why it’s necessary to study cases like this one to get a perspective on data and security breaches.
How did the data breach affect multiple pharma labs and units?
Dr Reddy’s pharmaceutical labs have recently gotten the go-ahead of phase 2 and 3 testing for a possible coronavirus vaccine. Just days after the green signal from the DCGI (Drug Controller General of India), a cyber-attack managed to strike down several of the company’s laboratory units in India, Brasis, Russia, UK, and the US.
The security threat was severe enough to halt all production of the pharma labs in these countries. Mukesh Rathi, CIO of Dr Reddy’s, issued a public statement soon after the attack.
“In the wake of a detected cyber-attack, we have isolated all data center services to take required preventive actions. We are anticipating all services to be up within 24 hours and we do not foresee any major impact on our operations due to this incident.”
The Impact of the data breach
Data security is especially important for pharma and drug companies these days. There are multiple tests being run and a lot of sensitive data being stored. To let anything happen to that data would surely set us back a few steps.
But there are commercial effects of such attacks as well. Dr Reddy’s operates 17 manufacturing units along with six R&D facilities just in India. Abroad, it has six manufacturing units and three R&D centres.
Once the news of the data breach became public, share value of Dr Reddy’s declined 2.81% and the benchmark Sensex dropped 0.30%.
The immediate negative impact of a security attack tells us how much brand repute matters. People will not trust an organization, however well established, if they find out it’s prone to attacks. Data breaches tend to make people feel uncomfortable. It makes them feel like their data is not in safe hands. This pharma lab data breach affected Dr Reddy’s two-fold – on the one end, they have to struggle to resume production and on the other, they have to regain authority and public confidence.
This could happen to any organization. If it does, a lot of time and resources are wasted to fight the situation. Worried that it might happen to you? Fortify your security now.