Hackers used a carefully thought-out email impersonation fraud to steal Rs 2.16 crore from two of India’s largest pharmaceutical companies, Dr. Reddy’s Laboratories and Bengaluru-based Group Pharmaceuticals. Group Pharmaceuticals reported the scam to Bengaluru City Cyber Crime Police on November 5, 2025, stating that the assault prevented the cash for products supplied from ever reaching their account. Cybercriminals created convincing phony emails to divert the cash after gaining illegal access to the companies’ email traffic.
Impersonation and the Anatomy of the Scam:
The hackers executed the operation by creating an email ID that precisely mimicked a legitimate address belonging to a Group Pharmaceuticals official. They sent fraudulent payment instructions from ‘KKeshav@Grouppharma.in,’ a subtle and deceptive variation of the authentic email address. On November 3, 2025, these emails reached Dr Reddy’s finance team, instructing them to transfer the payment to a Bank of Baroda account supposedly belonging to Group Pharmaceuticals. Trusting the authenticity of the sender and urgency of business transactions, Dr Reddy’s Laboratories transferred Rs 2.16 crore to the new bank details supplied in the fraudulent communication.
Discovery, Complaint, and Police Response:
The deception was detected when the legitimate recipient, Group Pharmaceuticals, reported non-receipt of funds despite the payment having been credited elsewhere. Group Pharmaceuticals immediately moved to file an FIR through Mahesh Babu K, pressing authorities to freeze the fraudulent account and recover the lost money. Investigators quickly traced the fraudulent account to Vadodara, Gujarat. The police have registered the case under multiple sections of the Information Technology Act specifically 66(C) for identity theft and 66(D) for cheating by impersonation alongside relevant sections of the Bharatiya Nyaya Sanhita. An investigation is actively underway, with cyber police working to track down the culprits and freeze accessed funds.
Strengthening Cybersecurity in the Pharmaceutical Sector:
Industry experts stress the urgent need to improve cybersecurity in the pharmaceutical sector in light of increasingly sophisticated hacks, such as the recent Rs 2 crore theft involving Dr. Reddy’s and Group Pharmaceuticals. Pharmaceutical firms are vulnerable to growing threats such as ransomware, phishing, and data breaches since they handle extremely sensitive data and intellectual property. To reduce human error, which continues to be a major contributor to breaches, experts advise making cybersecurity training mandatory for all staff members. To counter emerging threats, software, hardware, and cloud security configurations must be updated on a regular basis. Implementing thorough incident response strategies is also crucial for prompt crisis management and reducing attack damage. Proactive and multi-layered cybersecurity measures are essential for protecting operations and patient trust in the pharmaceutical industry, which is a primary target.
Industry Implications and Cybersecurity Caution:
This incident is a stark reminder of the growing cyberthreats facing Indian businesses, especially in high-stakes industries like pharmaceuticals. The hackers’ approach, which uses email as a point of entry and takes advantage of slight differences in sender credentials, demonstrates the ingenuity of contemporary cybercriminals. Calls for stricter due diligence procedures in vendor payments, more thorough employee education on phishing threats, and the implementation of cutting-edge email authentication systems have been sparked by this hack. The impacted organizations and industry watchers expect important lessons on cybersecurity resilience, digital trust, and the changing financial fraud scenario in India’s top enterprises as investigations proceed.
