PUNE: A Hinjewadi-based biopharmaceutical company has fallen victim to a ransomware attack, with a cybercriminal demanding $80,000 (approximately ₹68 lakh) in exchange for decrypting the company’s stolen and locked data. The Pimpri Chinchwad police’s cyber cell is now investigating the matter under multiple sections of the Bharatiya Nyaya Sanhita (BNS) and the Information Technology Act.
The company received a threatening email on April 27, which prompted a senior employee to lodge a complaint on Monday. According to Police Sub-Inspector Sagar Poman, the attacker had successfully breached all 15 of the company’s servers by tricking an employee into clicking a malicious email attachment. The hacker then copied, encrypted, and password-protected critical files, effectively locking the company out of its own systems.
ALSO READ: Call for Cyber Experts: Join FCRF Academy as Trainers and Course Creators
The hacker gave the company three days to make the ransom payment, warning that any attempt to decrypt the data independently would trigger its destruction within 24 hours. Further, the attacker threatened to sell the stolen data on the dark web if the payment was not made in time.
The attack has completely halted company operations for two days. Police have launched a probe and will soon begin recording statements from approximately 300 employees to trace the exact breach point and understand the extent of the impact.
Experts Warn Against Paying Ransom, Advocate Cyber Hygiene and Backup Protocols
Rohan Nyayadish, director of Digital Task Force, confirmed the nature of the attack, categorizing it as a ransomware breach stemming from outdated firewalls and cybersecurity lapses. He stressed the importance of regular security audits, especially in companies managing sensitive research or proprietary data.
“Organizations must follow cybersecurity norms issued by the Central Government and invest in cyber insurance and endpoint protection,” Nyayadish said. He added that attackers typically demand ransom via cryptocurrencies and urged companies to avoid payment and instead report incidents to law enforcement.
According to Nyayadish, many cybercriminals exploit phishing tactics and vulnerable server configurations to gain initial access. Once inside, they launch malware that steals or encrypts valuable data. Prompt reporting and expert intervention can sometimes help in data recovery without paying a ransom, he emphasized.
Legal Experts Call for Stronger Enforcement and Public Awareness
Advocate Gaurav Jachak, a cybercrime expert, described ransomware as digital extortion and stressed that early reporting and digital evidence preservation are critical to prosecution and recovery. “Ransomware crimes fall under both the IT Act and the BNS, and are punishable. Victims must resist the urge to negotiate with attackers as it only emboldens criminal networks,” he said.
Jachak also recommended that companies adopt mirror-image backups across multiple secure systems and conduct employee cybersecurity training to recognize suspicious communications.
He underlined the need for a broader public awareness campaign, especially among medium and small enterprises that may lack dedicated cybersecurity teams. “Strong digital hygiene, incident response preparedness, and compliance with CERT-In advisories can significantly reduce the risk,” he added.
Meanwhile, the cyber cell of Pimpri Chinchwad police continues to examine technical evidence, email trails, and server logs, working with national cybercrime agencies to trace the origin of the attack. The case is being closely watched, as it raises concerns about the cyber readiness of India’s biotech and pharmaceutical sectors, which handle sensitive intellectual property and global client data.