Alkem Laboratories Ltd has revealed that its wholly owned subsidiary, Enzene Biosciences, was the target of a cyberattack affecting its U.S. operations, which led to a fraudulent transfer of funds. The company disclosed the Enzene Biosciences cyberattack in a regulatory filing on Thursday, May 15, 2025.
According to the statement submitted to the Bombay Stock Exchange (BSE) and the National Stock Exchange (NSE), the Enzene Biosciences cyberattack involved the compromise of business email accounts belonging to certain employees at its U.S. subsidiary. These compromised email IDs were exploited by unknown threat actors to facilitate an unauthorized financial transaction. The exact extent of the financial damage is still under investigation.
“We wish to inform you that our subsidiary Enzene Biosciences Limited (Enzene) has detected a cybersecurity incident at its US subsidiary, where business email IDs of certain employees at the US subsidiary were compromised. The incident resulted in a fraudulent transfer of funds,” the company stated in its formal notice.
The Enzene Biosciences Cyberattack Investigation
In response to the Enzene Biosciences data breach, Alkem Laboratories has enlisted independent cybersecurity firms to conduct a comprehensive investigation. These third-party agencies will perform a full forensic analysis of the breach and present a detailed report to the boards of both Enzene and Alkem.
Although the company has not disclosed the total value of the fraudulent transaction, internal teams are working in parallel with the external agencies to quantify the impact. The company is also in the process of filing complaints with the relevant regulatory and governmental bodies.
The Cyber Express has also reached out to the organization to learn more about this data breach. However, at the time of writing this, no official statement or response has been received.
Alkem Prioritizes Transparency and Governance
In a letter signed by Manish Narang, Alkem Laboratories emphasized its commitment to transparency. The board made a deliberate decision to publicly disclose the cyberattack on Enzene Biosciences, citing principles of good corporate governance.
“The Board of Directors of the Company has decided that in the interest of transparency and as a matter of good governance, this incident should be reported to the stock exchanges,” the letter read.
The data breach at Enzene Biosciences highlights the increasing risk of cyber threats in the pharmaceutical industry, which remains a lucrative target for cybercriminals. The method used—compromising employee emails—is part of a broader trend in Business Email Compromise (BEC) attacks. These attacks manipulate trusted communication channels to initiate unauthorized fund transfers.
While no intellectual property or clinical data has been reported stolen, the financial implications and reputational risk remain a matter of concern.
Conclusion
Enzene Biosciences, known for its innovation in biologics and biopharmaceutical manufacturing, is expected to cooperate fully with investigators and regulators as more details emerge. For Alkem Laboratories, this incident may prompt better organizational reviews of cybersecurity practices across all subsidiaries.
The outcome of the ongoing investigation will be critical in determining next steps. This is an ongoing story, and The Cyber Express will be closely monitoring the situation. We’ll update this post once we have more information on the attack or any additional statement from the firm.
