HDFC Asset Management Company Ltd (HDFC AMC) on Monday disclosed a cyber-security incident at its IT infrastructure after receiving a communication from an anonymous source claiming access to certain portions of its systems.
The company said the incident occurred on May 16, 2026, following which it promptly activated containment and incident response protocols and engaged a specialist firm to assess the extent of the potential impact.
Also Read: Cybersecurity breaches emerge as top risk for India Inc: Report
While the detailed assessment is still underway, HDFC AMC said preliminary findings indicate that the incident is unlikely to affect business continuity or operations and that there does not appear to be any material impact on the company.
The disclosure was made as part of regulatory compliance and good governance practices, the company added.
HDFC AMC share price opened lower on Monday and were last trading down 2.3% to Rs 2,645.9, as of 9:16 am.
The incident comes at a time when cyber-security risks are emerging as a growing concern for Indian businesses and financial institutions, amid a sharp rise in digital fraud cases across the country.
According to official data, high-value cyber fraud incidents in India surged more than fourfold in fiscal 2024, leading to losses of about $20 million, as per a report from Reuters. The number of cases involving amounts of Rs 1 lakh or more jumped to 29,082 from 6,699 in the previous year, underscoring the rapid escalation in scale.
With India’s expanding digital payments ecosystem—fuelled by low-cost mobile data and widespread adoption of platforms such as Paytm, Google Pay and PhonePe—the financial system has become increasingly vulnerable to fraud attempts even as transaction volumes surge.
Broader industry surveys also highlight the mounting concern. A recent FICCI-EY Risk Survey found that cyber-attacks and data breaches are now among the top risks for Indian companies, with a majority of senior executives flagging them as a key threat to financial and reputational stability.
Also Read: Upwind: A US cybersecurity co shares what's in demand now as wars move to the cloud
Regulators have also stepped up response measures, with the telecom regulator ordering stricter action against spam callers and the central bank proposing mechanisms to freeze suspected fraudulent accounts more quickly. Public awareness campaigns and industry-led initiatives have also been scaled up to improve cyber literacy among users.
