Cyber Incident Victim: Dr Reddy's Laboratories Ltd
Date: Oct 2020
Location: India
Summary
A major Indian pharmaceutical company involved in COVID-19 treatment and vaccine production experienced a cyberattack that forced the shutdown of manufacturing plants across multiple countries and the isolation of all data centers. The incident caused a significant drop in the firm's share price, though its leadership anticipated restoring services within a day and played down the expected operational disruption. While the specific attack vector and motive remained unclear, the event highlighted the high-value targeting of healthcare intellectual property during the pandemic.
Description
On or around October 22, 2020, Dr Reddy’s Laboratories Ltd, an Indian pharmaceutical company producing COVID-19 treatments remdesivir and favipiravir and recently contracted to manufacture Russia’s Sputnik-V vaccine, experienced a cyber-attack that disrupted its global operations. The company responded by isolating all its data centers and shutting down production plants across multiple countries, including the United States, UK, Brazil, India, and Russia. The incident prompted an immediate public statement from Chief Information Officer Mukesh Rathi, who sought to reassure stakeholders by projecting a 24-hour recovery timeline and downplaying anticipated operational impacts. Despite these assurances, the attack triggered a 4% decline in the company’s share price following initial media reports by Indian channel ET Now. No technical details regarding the attack vector, intrusion methods, or specific compromised systems were disclosed publicly.

The lack of confirmed information left the attackers’ motives ambiguous, with no clarity on whether ransomware deployment, data theft, or other objectives drove the incident. The company’s isolation of data centers indicated a containment strategy focused on preventing lateral movement, though the duration and completeness of the shutdowns were not specified. Industry observers, including UK government advisor and SonicWall CEO Bill Conner, highlighted the high value of pharmaceutical intellectual property—particularly COVID-19-related research and vaccine production data—as a likely target for adversaries seeking monetary gain or geopolitical leverage. The incident occurred during a critical period for Dr Reddy’s, which had just received regulatory approval in India to commence phase 2/3 clinical trials for the Sputnik-V vaccine, amplifying concerns about operational delays. No data breaches, ransom demands, or specific recovery milestones beyond the initial 24-hour estimate were subsequently confirmed in public reporting.
