Alkem Labs Faces ₹52 Crore Loss from Business Email Compromise Attacks

Alkem Laboratories reported multiple incidents of Business Email Compromise (BEC) resulting in significant financial losses. Attackers compromised employee email accounts, impersonating senior executives to authorize fraudulent transfers. One incident led to a loss of ₹52 crore, while another resulted in a remaining loss of ₹22.31 crore after partial recovery. The attacks exploited email-based financial instructions, utilizing domain spoofing techniques to make fraudulent communications appear legitimate. Alkem has taken corrective measures and filed complaints with authorities. Investigations are ongoing to track the perpetrators, with some funds partially recovered by US law enforcement. The incidents highlight vulnerabilities in email security within financial operations.

Key Points: • Alkem Laboratories suffered a total loss of ₹52 crore due to BEC attacks. • Attackers impersonated executives and used compromised email accounts for fraudulent transfers. • US law enforcement recovered ₹28.98 crore, but ₹22.31 crore remains lost.