The large pharmaceutical company Novo Nordisk has confirmed an IT incident in which attackers have accessed personal information from internal IT systems, among other things. The cyber gang FulcrumSec now claims responsibility and is providing a sample of more than 250 GB of the stolen data on the darknet.
Novo Nordisk already admitted to the data leak last week. According to the company, limited amounts of information about patients participating in clinical trials are included. The manufacturer assures that no patient names or other directly identifiable data are included. The criminal gang FulcrumSec states on its darknet site that it concerns data from approximately 11,500 pseudonymized study participants. According to Novo Nordisk, the datasets include patient ID, gender, year of birth, biomarkers, health and immunogenicity data, and lifestyle information such as alcohol consumption, smoking, or body mass index.
The pharmaceutical company has launched investigations with IT security experts and taken security measures, including temporarily taking some internal IT systems offline. These are now to be brought back online piece by piece, but this will still take some time.
Potentially valuable trade secrets leaked
The alleged perpetrators from FulcrumSec state on their darknet site that they have obtained a total of 4748 source code repositories, 41,144 drugs or components including their structures, more than 30 proprietary AI models and 70 associated datasets, data from 163,234 employees, and the specific recipe for Amycretin – the latter is an experimental drug that is said to contribute to greater weight loss than Ozempic / Semaglutide. Allegedly, five unpublished programs that do not appear in Novo Nordisk publications or SEC filings are also included. The total data collection is said to have a volume of 1.3 TB.
According to Reuters, FulcrumSec is demanding a ransom of 25 million US dollars from Novo Nordisk, but the company is reportedly refusing to pay. The company is said to have contacted the extortionists on June 3rd, about two days after the perpetrators had contacted Novo Nordisk managers. Reuters has not yet been able to confirm the authenticity of the sample data; however, Novo Nordisk confirms the publication of the data.
Such IT incidents remain one of the most common IT security problems. For example, it became known on Tuesday that the household robot manufacturer Ecovacs fell victim to an IT intrusion. Here too, the perpetrators are threatening to sell the stolen data if the company does not pay a ransom.
(dmk)
Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.
This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.