InfoSecBulletin Cybersecurity for mankind
Indian Pimpri Chinchwad police’s cyber cell is looking into a complaint where a hacker demanded $80,000 (over Rs 68 lakh) from a biopharmaceutical company in Hinjewadi to release encrypted data he had stolen.
A senior employee contacted the police on Monday following a threatening email received on April 27. A case has been filed under section 308 of the Bharatiya Nyaya Sanhita, and sections 43, 66, and 72 of the Information Technology Act.
Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges
184 Million Leaked Credentials Discovered in Open Database
Palo Alto Networks Warns of XSS Flaw: PoC Released
Pwn2Own Berlin reveals 29 critical vulns in major tech firms
High-Severity Flaw Hits Atlassian Jira Data Center
All major mobile networks go down across Spain
Researchers found 200 billion files exposed in cloud buckets
Bank server compromised using customer’s mobile, steal ₹11 crore
“InfoSecCon-2025″ held successfully promising cyber resilience
Intel PC, laptop and server processors affected for 6 years: Report
Police sub-inspector Sagar Poman stated that this is a ransomware attack. Initial investigations showed that a cybercriminal sent a harmful email to an employee, which allowed access to one of the company’s 15 servers.
The hacker got access to all of them.” The hacker then started copying the data, Poman said. “By the time the employees realised what was happening, the hacker had copied the entire data, encrypted it, and put a password on it.”
Poman said the hacker sent emails to company officials seeking $80,000 within three days. “He also threatened that if the company tried to decrypt the data, they would lose it within 24 hours. The cybercrook also said that if the money was not transferred to him, he would sell the data on the dark web.”
For the last two days, the company’s operations have stopped, the police officer said. “We will record statements of about 300 employees.”
Times of India reported, Rohan Nyayadish, director of Digital Task Force, too called it a case of ransomware attack in which data of a company is either stolen or compromised due to un-updated firewalls or online security measures. “Firms must follow security audit norms issued by Central govt on April 1 and they should spend money on insuring their data and research.”
The cyber criminals steal data or programmes of a company after targeting its servers, Nyayadish further said. “Cyber criminals generally demand ransoms via cryptocurrencies. Companies should not pay it and report the matter to the police; experts can retrieve the data.”
Advocate and cybercrime expert Gaurav Jachak said ransomware is not just a cyberattack – it is digital extortion, and strong cybersecurity is the only shield. “Such crimes are punishable under the IT Act and the BNS. It is important for victims to quickly report to the cyber police and keep all digital proof safe. People must also know that paying ransom is not the solution – it only encourages criminals. Companies should regularly back up their important data in a mirror image format on multiple devices to stay safe from such attacks.”
