Over 170GB of Aurobindo Pharma Data Leaked
Aurobindo Pharma Limited, a public trading company and a constituent of India’s Nifty Pharma Index, is involved in six major areas: antibiotics, antiretrovirals, cardiovascular products, and central nervous system products gastroenterological, and anti-allergics. It markets these products to over 125 countries by itself and some high-profile partners like AstraZeneca and Pfizer. Since last year’s ransomware groups are actively targeting sensitive organizations like hospitals, medical centers, etc., institutions researching and manufacturing COVID-19 vaccines are also a lucrative bet. Thus, Aurobindo Pharma is a reasonable hit. With a revenue of $3.3 billion in 2020, hackers targeting Aurobindo Pharma, if successful, could make significant profits. And this may have happened, as we spotted a data dump belonging to Aurobindo Pharma in a ransomware group’s data leak site on the dark web. The threat actors behind this are identified to be the Clop ransomware, which has previously hit companies like Symrise, Software AG, Bombardier, and an educational institution – University of California. Details on how the data was stolen/leaked from Aurobindo Pharma are unknown yet, as an email sent to the company’s inquiry address seeking more information on this failed. Yet, we have tried verifying the leaked data samples and found them to be true. Images shared by the ransomware group show the offer letter of an employee at Aurobindo Pharma’s USA branch. Further, a couple of passport images leaked belonging to the employees working in US subsidiaries of Aurobindo Pharma.
Other sample images shared include the internal workplace photos, certificate of analysis, and product complaint sheets. The data is amounted to over 170GB, released in over 240 downloadable files.