HDFC Asset Management Company Limited (HDFC AMC) disclosed to the BSE and the National Stock Exchange (NSE) on May 18 that it had faced a cybersecurity incident two days earlier, after receiving a communication from an anonymous source claiming access to parts of the company’s information technology infrastructure. The company said it activated containment and incident response protocols after learning about the incident on May 16. It subsequently engaged a specialist firm to assess the potential impact.
However, the company stated that its initial assessment indicated the incident was unlikely to disrupt business continuity or operations.
SEBI calls for cybersecurity overhaul: Earlier this month, the Securities and Exchange Board of India (SEBI) issued a circular directing regulated entities to strengthen their cybersecurity infrastructure against AI threats, including the Claude Mythos model.
In a May 5 circular, SEBI said the model could identify and exploit vulnerabilities “using speed and scale”, potentially affecting data confidentiality, application integrity, and reliability of outputs across interconnected market participants. Additionally, the regulator warned that a breach at one entity could trigger cascading effects across the securities market ecosystem. SEBI also directed entities to immediately patch systems, conduct continuous AI-based vulnerability assessments and penetration testing, strengthen cybersecurity monitoring, and improve vendor risk management.
Why this matters: HDFC AMC’s assurance that operations remain unaffected may offer some comfort to customers, but the broader picture is alarming. CERT-In handled over 29.44 lakh cyber incidents in 2025. Globally, the FBI’s IC3 recorded total cybercrime losses of $20.877 billion in 2025, a 26% increase from 2024, while complaints surpassed one million for the first time in its history. As AI proliferates, the cybersecurity threat landscape will only deepen. In a market as interconnected as India’s securities ecosystem, incidents like this are likely to become more, not less, frequent.
Also read
- India pushes for sovereign control over AI cybersecurity systems: report
- Claude Mythos puts India on alert: CERT-In, telcos, banks assess unprecedented cyber risks
- Finance ministry says AI tools used for cybercrime and fraud prevention, ED is not using AI yet
For You
- Read Reasoned by Nikhil Pahwa: How AI is changing our world
- Sign up for MediaNama's Daily Newsletter to receive regular updates
- Sponsor a MediaNama Event
























