Cyberattack Hits Indian Biopharma Company MJ Biopharm Pvt Ltd, $80,000 Ransom Demanded

• A biopharma firm in India was hit by a cyberattack that encrypted data across several company servers.
• The initial vector was an unknown email with a malicious attachment that an employee opened.
• While no threat actor has claimed the attack, an investigation into the scope and nature of the incident is underway.

MJ Biopharm Pvt Ltd, a biopharmaceutical company located in Phase 2 of Hinjewadi Rajiv Gandhi Infotech Park, was hit by a cyberattack that compromised critical data across 15 servers. 

Company officials reportedly clicked on a malicious email attachment from an unfamiliar source, triggering the encryption of essential data stored across the organization’s servers. 

According to the Pimpri-Chinchwad cyber police, the breach occurred on April 27, 2025, between 1:30 PM and 5:30 PM on Sunday. 

The attacker subsequently left a message detailing the ransom demand and contact information for further communication. The unknown attacker asked for a ransom of $80,000 to restore access. 

Despite the disruption, MJ Biopharm Pvt Ltd confirmed that they did not meet the ransom demand and are collaborating with expert cyber teams to regain and secure the encrypted data.  

A formal complaint was filed by Amitava Pal, a representative of the firm, prompting an investigation. The case has been registered under Sections 308(2) of the Bharatiya Nyaya Sanhita (BNS) and Sections 43, 66, and 72 of the Information Technology (IT) Act. 

In other news, a sophisticated phishing campaign orchestrated by APT29, a Russian-linked cyber-espionage group also known as Cozy Bear or Midnight Blizzard, is targeting diplomatic entities across Europe via advanced malware tools disguised as invitations to seemingly benign events like wine-tasting events.