Nippon Mutual Fund website has been down since a cyberattack on 9 April

The website of Nippon Life India Asset Management Ltd, India's largest mutual fund by number of investors, has been down since a cyberattack hit the company’s IT infrastructure on 9 April. When Mint visited the website on 17 April, the home page was accessible but the login page was not.

The company wrote in an exchange filing on 10 April, “There has been an incident involving a cyber attack on our IT infrastructure late last night. Immediately upon becoming aware of the incident, we have taken the necessary steps to investigate and respond to the incident, including shutting down affected systems.” 

It added, “We are working with leading cybersecurity experts to support our investigation and identify the extent of the issue and take remedial action as necessary.”

The company shut its website as it wanted to insulate the data of its registrar and transfer agent (RTA) K-fintech from the attack, said a source who did not wish want to disclose their name.

“We are surprised that it's been like this for almost a week now,” said Amol Joshi, a mutual fund distributor. “Typically, routine maintenance would happen at midnight."

He added that emails from the AMC containing addendums have had PDFs attachments since the incident. Previously, the contained a link to the addendum or notice on the company's website.

‘No investor data compromised’

Abhijit Shah, chief technical officer at Nippon Life India Asset Management, said, “Owing to a cyber incident on our IT infrastructure on 9 April, transactions through digital assets like websites and mobile applications are inaccessible due to maintenance activity being carried out. We regret this inconvenience.

“Our preliminary investigations have shown that there has been no compromise on the systems and investor data. Please note that all our branches, RTA (registrar and transfer agent) i.e. KFintech, and alternative digital channels such as exchanges, MF Central, MF Utilities etc are available to all our investors to transact with us. Furthermore, there is no impact on our investment- and operations-related activities due to this incident."

Shah added that the AMC had strict security protocols and procedures in place and all systems were monitored around the clock. "We are working on restoring the services back at the earliest, and would like to assure our investors that their investments and data are completely safe in our environment. All relevant concerned authorities namely Cert-in, SEBI, stock exchanges etc have been informed," he said.

On Thursday, Nippon Life India Asset Management stock gained 3% to close at ₹598. It’s up 5.5% since 11 April, the day after the cyber attack.

In February, ransomware gang LockBit said it was behind the hacking of another of India’s top brokerage firms, Motilal Oswal. It claimed to have gained access to ‘confidential data’, according to a report by TechCrunch.

In June 2022, Sebi amended its cybersecurity framework for regulated entities. It said AMCs and mutual funds must report any cyber incidents, attacks, or breaches to Sebi within six hours of detecting them, and conduct a comprehensive cyber audit at least twice a year.

What should investors do?

If you invest directly through Nippon’s website, you won't be able to log in to your account for now. You can access your funds through the MFU platform or by logging in to Kfintech. For MFU, you need to first open an account and get your ‘common account number’.

If you invest in the AMC's funds using third-party apps such as Zerodha or Groww , or RTA platforms, you can continue to transact through those apps.