Ransomware victim disclosure
← All victimsAurobindo Pharma USA
listed as aurobindousa.com · Claimed by Abyss · listed 3 years ago
Status timeline
- ListedNov 30, 2023
- Data leakeddate unknown
At a glance
- Group
- Abyss
- Status
- Data leaked
- Country
- India
- Sector
- Pharmaceutical
- Listed on leak site
- Nov 30, 2023
- Data size
- 3.7 TB
About the victim
AI dossier — public-source company profileAurobindo Pharma USA is the US subsidiary of Aurobindo Pharma, a vertically integrated generic pharmaceutical company headquartered in East Windsor, New Jersey. The company manufactures and distributes a broad portfolio of generic pharmaceuticals—including oral solids, injectables, topicals, ophthalmics, and inhalations—serving customers across 125+ countries. Its operations span active ingredient production, formulation, packaging, and distribution from a 567,000 sq ft warehousing and distribution facility.
- Industry
- Generic Pharmaceutical Manufacturing & Distribution
- Address
- 279 Princeton Hightstown Road, East Windsor, NJ 08520
Attack summary
Severity: critical — 3.7 TB of data has been published (disclosed status: data_published) from a major pharmaceutical manufacturer. Given the regulated nature of the pharmaceutical industry, this volume almost certainly encompasses sensitive regulated data including potential PII, drug supply chain records, R&D data, FDA regulatory submissions, financial records, and employee/patient information at significant scale.The Abyss ransomware group claims to have exfiltrated 3.7 TB of uncompressed data from Aurobindo Pharma USA and has published the data. No encryption claim is explicitly stated in the leak post.
Data the group says was taken
AI dossier — extracted from the leak post- Unspecified corporate data (3.7 TB uncompressed)
What the group claims
Aurobindo 3,7Tb uncompressed data
Sources
- Victim siteaurobindousa.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

