Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Pharmaceutical Firms. Show all posts
Ransomwares
Cyber Attacks data security Data Theft Hacker attack Pharmaceutical Firms Ransom Demand Ransomware attack Ransomwares

Pune-Based Biopharma Company Hit by Ransomware Attack, Hackers Demand $80,000

 

A multinational biopharmaceutical company based in Pune has fallen victim to a sophisticated ransomware attack, with cybercriminals encrypting vital data and demanding $80,000 (over Rs 68 lakh) for its release. The attackers have also threatened to leak the stolen proprietary data on the dark web if the ransom is not paid, according to local police authorities. 

The incident came to light when a senior executive from the company’s Pune office lodged a complaint at the Cyber Crime Police Station of Pimpri Chinchwad on Monday evening. The attack was first identified on Sunday afternoon, prompting immediate concern due to the sensitivity of the data involved. According to initial investigations by cybercrime officials, the breach is believed to have occurred through a compromised endpoint device—most likely via a phishing email containing a malicious link. 

Once the attackers gained access to the internal network, they deployed ransomware to the company’s main server and extended it to more than a dozen connected servers. Sensitive data, including proprietary pharmaceutical formulations, manufacturing protocols, and confidential business documents, was then encrypted and locked. 

“A preliminary probe suggests that vulnerabilities in the company’s cybersecurity setup allowed the attackers to infiltrate its systems,” an officer from the Cyber Police Station said. “Unfortunately, a significant portion of the critical data was not backed up offline, leaving the organization exposed to potential data loss if the ransom is not paid.” The hackers have made it clear that if their ransom demand of $80,000 is not met, the stolen data will be sold on the dark web. 

So far, the company has not paid the ransom, and authorities are currently analyzing IP logs and other digital evidence to trace the origin of the attack. Cybercrime investigators have urged all businesses to strengthen their cybersecurity measures, including regularly backing up data offline, updating firewall configurations, and educating employees about phishing threats. “This incident is a wake-up call for organizations to prioritize robust digital security,” the officer added.  

Deputy Commissioner of Police (Crime) Sandeep Doiphode emphasized the growing need for enterprises to invest in both technology and skilled cybersecurity personnel. “This case underlines the urgent necessity for companies to stay ahead of evolving threats through both infrastructure and human resource development,” he said. Police also noted that ransomware attacks typically use phishing emails and exploit weak security protocols. Payments are often demanded in cryptocurrency, making the attackers harder to trace. 

The investigation remains ongoing.
Read more »
Privacy
Drugs Europe Healthcare intellectual property Pharmaceutical Firms Privacy

Poland Pushes for Shorter Drug Data Protection in EU

 


At a recent EU meeting in Luxembourg, Poland supported a European Commission proposal to shorten the time new drugs are protected by data exclusivity rules. Health Minister Izabela Leszczyna said Poland prefers one year of market protection over longer periods of data protection.

In April 2023, the European Commission suggested reducing the data exclusivity period for drugs from eight to six years. Minister Leszczyna agreed, saying this would help people access new treatments more quickly without adding extra paperwork. She also proposed one year of market protection for new uses of existing drugs instead of extending data protection.

Balancing Incentives and Access

Minister Leszczyna emphasised that Poland supports measures to ensure all EU countries have access to modern treatments. She suggested that incentives should focus on market protection and not last longer than a year. For drugs treating rare diseases, extending protection could be considered, but for other drugs, different solutions should be found.

Challenges in Generic Drug Production 

Krzysztof Kopeć, President of the Polish Association of Pharmaceutical Industry Employers, highlighted issues with drug shortages, especially for generic drugs. He explained that producing drugs in Europe is becoming less profitable, leading to shortages. Although the European Commission wants to boost drug production in Europe, current regulations do not support this, and production costs are higher in Europe than in Asia.

Concerns from Innovative Drug Companies

Innovative drug companies argue that changing existing intellectual property rules is not the answer to drug access problems. They believe the current rules should continue to support innovation and ensure EU patients can access new treatments. Michał Byliniak, General Director of INFARMA, stressed the need for EU reforms to improve drug supply security, availability, and affordability while also supporting new drug development.

INFARMA is discussing potential risks of shorter protection periods with the Ministry of Health and other stakeholders. They warn that reducing protection could limit access to advanced treatments. INFARMA supports keeping current data protection levels and creating incentives to promote innovation, address unmet medical needs, and encourage research in the EU.

Poland's support for a shorter data exclusivity period shows its commitment to balancing access to new treatments, innovation, and economic realities in the EU drug industry. As discussions continue, the goal remains to create rules that ensure safe, effective, and affordable medicines are available to everyone in Europe.



Read more »
Revenue Loss
Business Security Cyber Attacks Data Leak Indian Firm Pharmaceutical Firms Revenue Loss

Granules India in Huge Loss After Cyber Attack Erodes Top Line

 

Granules India (GRAN.NS) issued a warning on Thursday regarding a huge loss in revenue and profitability as a result of a cyber security incident the pharmaceutical firm experienced in the latter part of May. 

The IT security breach caused a considerable disruption in its business operations because of extensive adjustments to its IT infrastructure, the manufacturer of paracetamol claimed in an exchange filing. Granules India disclosed the information security incident on May 25 and added that the affected IT assets have been contained. 

The company reported that it has now been able to get production up to levels that were close to normal, but it also noted backlogs and delays in getting materials cleared for quality system approvals before shipping the goods. 

LockBit, a ransomware gang linked to Russia, has claimed responsibility for a hack on Indian pharmaceutical giant Granules India and uploaded some of the data it allegedly stole. 

A leading maker of pharmaceuticals in India since its founding in 1984 is Granules India. Many generic medications, including paracetamol, ibuprofen, and metformin, are produced by the Hyderabad-based firm. Moreover, according to information on the company's website, it has more than 300 clients in more than 80 different nations.

The quarterly earnings for the quarter ended March 31 increased 7.8% to $14.6 million, according to a report released by Granules India in May. Shares of the business finished Thursday at $3.50, down marginally from the previous trading day's closing price of $3.48. 

Lockbit spreading wings

According to a recently published joint advisory from the U.S. federal cybersecurity organisation CISA and its international counterparts in Australia, Canada, France, Germany, New Zealand, and the United Kingdom, LockBit emerged as the most frequently utilised ransomware version worldwide in 2022 and 2023. In January 2020, Russian-language cybercrime forums were the first place where the ransomware gang was identified.

The ransomware group has recently made attacks on a number of well-known tech firms, including IT services provider Accenture, electronics producer Foxconn, U.K. health service provider Advanced, and British postal agency Royal Mail. Other victims of the ransomware group include the financial software company Ion Group, the Los Angeles Housing Authority, and the state of California's finance department. 

LockBit threat actors have extorted about $91 million in ransoms through nearly 1,700 attacks targeting U.S. victims since 2020, according to a recent U.S. and foreign joint advisory.
Read more »
User Security
Cyber Security GoodRx Pharmaceutical Firms User Privacy User Security

GoodRx Made Money On Your Behalf, FTC is Making It Pay


GoodRx put user privacy at risk

GoodRx has not done a good job when it comes to your privacy. The Federal Trade Commission has charged a heavy fine and an agreement that will bring in various privacy measures. 

If you're among the people who used GoodRx to get discounts on your medications, the prescription shopping website might've done more than what you bargained for. GoodRx sent your personal health data to tech companies like Meta and Google for advertising purposes as well as the data brokers. 

FTC charged GoodRx

The FTC recently announced that GoodRx has agreed to pay a $1.5 million fine and implement various measures to ensure that the company no longer sends health data for advertising purposes. GoodRx has agreed that it will take user consent before sharing health data for other purposes, and also to get in touch with the third parties with whom it earlier shared sensitive info to delete that data. 

Consumer Reports said, "to determine how GoodRx shares data, we monitored traffic using a data packet-capturing tool to observe the company's Android mobile app and website as we searched for deals on a number of prescription medications."

Several of the company’s business partners received the names of the medications, along with ID numbers and other information that can be used to single out individuals. The data can reveal intimate information that many people would keep private from all but their close friends and family.

The FTC alleged that GoodRx shared names of medications people were looking for on the application, it has been accused of sending lists to Meta, which includes identity info of users who bought certain medications, Meta used it to target users with ads. 

“Digital health companies and mobile apps should not cash in on consumers’ extremely sensitive and personally identifiable health information. The FTC is serving notice that it will use all of its legal authority to protect American consumers’ sensitive data from misuse and illegal exploitation," Samuel Levine, director of the FTC’s Bureau of Consumer Protection, said in a statement." 

When did GoodRx malpractices surface?

Some of GoodRx's practices were first disclosed in February 2020 by reports from Gizmodo and Consumer Reports, which explained how user data was being sent to third parties. GoodRx apologized for it, saying the data wasn't used for targeting ads and implemented some privacy measures. 

Vox said "That seemed to be the end of it, as GoodRx operates in a digital privacy gray area. Though it may collect the same data that pharmacies, doctors, and health insurance companies do, in most cases it’s not beholden to the same health privacy laws — namely, HIPAA, the Health Insurance Portability and Accountability Act. Even when HIPAA didn’t apply to GoodRx, the FTC says that the company gave users the impression that it did by putting a little “HIPAA” icon on its website."


Read more »
Sensitive data
Cyber Security Dark Web Data Leakage Pharmaceutical Firms Sensitive data

Exposed Corporate Credentials Endanger the Pharmaceutical Industry

 

Constella Intelligence published a report that includes fresh and additional information relevant to pharma sector exposures, breaches, and leakages, with a specific focus on employees and executives from the top twenty pharma firms on the Fortune Global 500 list. 

The report examined eighteen prominent pharmaceutical corporations and their nine hundred plus subsidiaries around the world to assess the presence of exposures of services, sensitive platforms, unpatched CVEs, and other security vulnerabilities. Among the major insights were some alarming numbers, such as 92% of pharmaceutical organisations having at least one exposed database with possible data leakage and 46% having an exposed SMB service. SMB flaws have already been used in prominent assaults such as WannaCry, NotPetya, Nachi, and Blaster worms. 

In 70% of the pharmaceutical M&A deals examined in 2020, the newly acquired subsidiary had a detrimental impact on the parent company's security posture, introducing tens, if not hundreds, of sensitive unprotected and unpatched services. 

The threat intelligence team identified 9,030 breaches/leakages and 4,549,871 exposed records—including attributes such as email addresses, passwords, phone numbers, addresses, and even credit card and banking information—related to employee corporate credentials from the companies examined by analysing identity records from data breaches and leakages discovered in open sources and on the surface, deep, and dark web. 

The proliferation and distribution of this sensitive employee data provides threat actors with the resources they need to carry out a wide range of cyberattacks, including impersonation, phishing, account takeover, and a variety of others that can lead to more sophisticated attacks like ransomware or coordinated disinformation campaigns. 

“The pharma sector’s role within the healthcare ecosystem, especially with today’s public health needs, only emphasizes how critically important it is that these companies protect themselves from cyber threat actors,” said Constella Intelligence CEO, Kailash Ambwani. “As we have seen before, only one exposed employee credential can lead to a company having their systems or supply chain shut down by a data breach leading to a ransomware attack, resulting in a shortage of life-saving supplies.”

Because of their intellectual property and confidential information, as well as their critical role in creating life-saving treatments, pharmaceutical firms are high-value targets for threat actors. The pandemic-driven shift toward remote workforces, combined with accelerating operational digitization, has increased the overall digital footprint of enterprises in this industry, resulting in more digital vulnerabilities and risk.
Read more »
Pharmaceutical Firms
Amazon Web Services Data Breach FBI information exposed Personal Details Pharmaceutical Firms

A Data Breach To An AWS Portal Glitch By Ravkoo, A US-based Online Pharmacy

 

Ravkoo, an online prescription filling service, suffered a data breach, exposing health and other sensitive information. The company's prescription interface is hosted by Amazon Web Services (AWS). 

A security incident occurred in a specific instance that saved prescription information, allowing the information to be easily accessed. The unauthorized access occurred in September 2021, and the Ravkoo security team discovered it in October of that year. 

On January 3rd, 2022, around 150,000 potentially affected customers received breach notification letters. Ravkoo has discovered no cause to assume the exposed data was spreading or being utilized for nefarious activities at the time of writing their public statement, but that could change. The FBI and other authorities have been notified, and they are working with Ravkoo to investigate the situation further to determine who may be responsible. 

"Ravkoo has no indication that any of your personal information has been or will be exploited as a result of this occurrence at this time. Nonetheless, out of an abundance of caution, Ravkoo chose to alert you about this incident," according to Alpesh Patel, the online pharmacy's CEO, because it hasn't received any reports of identity theft relating to the data breach since September 27, the date of the incident. Ravkoo also claims to have reported the event to the appropriate authorities and to be working with forensic experts to examine the issue and improve its security posture. The hacker also provided records of 340,000 prescriptions written by Ravkoo between November 3, 2020, and September 11, 2021, totaling $8.5 million in medicine prices, according to Micah Lee of The Intercept. 

Ravkoo's identity monitoring services are available to users who may have been affected by the breach. The scope of the exposed data has not been released, however, the concerned parties should report any unlawful activity they see. Health information can be sold and exploited to commit medical identity theft, as we discussed earlier this week. For those who have their information utilized unlawfully, this might result in a variety of problems. Following an occurrence like this, it's critical to remain vigilant.
Read more »
Reposify
COVID-19 Cyber Security Pharmaceutical Firms Reposify

Over 92% of Pharmaceutical Firms are Prone to Cyber Attacks, New Report Highlights

 

Reposify, the leading external attack surface management platform published its Pharmaceutical Industry Attack Surface Exposures Report analyzing the security status of the world’s leading pharmaceutical firms and their 900-plus branches.

Data analysts at Reposify examined the data covering a two-week period in March 2021 and discovered that 92% of the pharmaceutical companies had at least one exposed database with potential data breach, while 46% had an unmasked Server Message Block (SMB) service. 

SMB is a communication protocol that allows networks within the same system to share files. It also offers an authenticated inter-process communication mechanism. The last time when SMB services were exploited was the infamous 2017 WannaCry cyberattack, targeting 80 NHS trusts across England. 

The Department of Homeland Security and Cybersecurity and Infrastructure Security Agency (CISA) issued an early warning in the response that attackers were leveraging password spraying campaigns in order to target pharmaceutical companies, research firms, and other health care organizations involved in the COVID-19 response. 

Last year, threat actors targeted 53% of pharmaceuticals or biotech companies, including the European Medicines Agency, which led to a breach of Pfizer and BioNTech COVID-19 vaccine data. The average cost of a pharmaceutical industry breach stood at $5.06m in 2020, a sum 1.3 times higher than the global average. 

“The pharmaceutical sector is one of the largest contributors to the global economy and human welfare. But pharmaceutical companies are struggling to protect their distributed network perimeter from increased cyber-attacks coming from well-funded and well-organized hacking groups on the hunt to steal and hold valuable, confidential data for ransom or other nefarious acts,” said Uzi Krieger, CEO of Reposify. 

“COVID-19 is still ravaging parts of the world, variants are spiking, and the safety of clinical research, manufacturing and supply chains have never been so important to humanity, and yet, pharmaceutical companies remain ill prepared and unsecured, spiraling the industry into red level vulnerability to external attacks, “ Krieger added. 

Luckily, of all security flaws uncovered, 72% were categorized in a low-risk category. However, 15% were classified as critical, 7% were high-risk, and 6% were medium risk. The median number of high-severity risks for each firm was 269, while the median of critical flaws per company was 125. These risks were linked to vulnerable software (38%), improper access controls (33%), and potential DDoS (23%), among others.
Read more »
Subscribe to: Posts (Atom)