The website of Nippon Life India Asset Management Ltd (NAM India), one of India’s largest mutual fund houses by investor count, has remained largely inaccessible since a cyberattack hit its IT infrastructure on April 9.
While the home page of the Nippon Mutual Fund website remained visible as of April 19, key functionalities such as user login and online transactions were still unavailable. The disruption stems from a security breach that forced the asset management company (AMC) to shut down certain systems as a precautionary measure.
In a stock exchange filing dated April 10, the company confirmed, “There has been an incident involving a cyber attack on our IT infrastructure late last night. Immediately upon becoming aware of the incident, we have taken the necessary steps to investigate and respond to the incident, including shutting down affected systems.”
The prolonged downtime has caused concern among distributors and investors.
“We are surprised that it’s been like this for almost a week now,” said Amol Joshi, a Mumbai-based mutual fund distributor. “Typically, routine maintenance would happen at midnight.”
He noted that recent communications from the AMC included attached PDF notices rather than the usual website links.
According to a person familiar with the matter, who requested anonymity, the shutdown was partly a strategic move to protect data managed by KFintech, the company’s registrar and transfer agent (RTA), from potential exposure.
Abhijit Shah, Chief Technical Officer at NAM India, addressed the situation, stating,“Owing to a cyber incident on our IT infrastructure on 9 April, transactions through digital assets like websites and mobile applications are inaccessible due to maintenance activity being carried out. We regret this inconvenience.
Shah said that preliminary investigations had not revealed any data breach.
“All our branches, the RTA, and other digital platforms like exchanges, MF Central, and MF Utilities remain fully operational for transactions.”
He added that strict cybersecurity protocols are in place and that the company is working closely with experts to restore services at the earliest. Relevant authorities including CERT-In, SEBI, and stock exchanges have been notified.
The incident comes amid rising cybersecurity concerns in India’s financial sector. In February, the LockBit ransomware group claimed responsibility for hacking Motilal Oswal, another leading investment firm, alleging it had accessed confidential data.
Sebi’s cybersecurity regulations require AMCs to report breaches within six hours of detection and conduct biannual audits. NAM India’s response appears in line with these guidelines.
For investors who typically transact through Nippon’s website, Shah advised using alternate channels in the interim.
You must be logged in to post a comment.