One of the world’s largest pharmaceutical companies just got a very expensive wake-up call. A cyber extortion group calling itself FulcrumSec claims to have breached Novo Nordisk’s internal systems, stolen over one terabyte of data, and issued a $25 million ransom demand that the Danish drugmaker has so far refused to pay.
What happened inside Novo Nordisk’s networks
FulcrumSec publicly claimed responsibility for the breach on June 16, 2026, alleging it had maintained persistent access to Novo Nordisk’s internal networks for more than two months before being detected or expelled.
Novo Nordisk itself acknowledged the incident slightly earlier, publicly disclosing the breach around June 11-12. The company confirmed that attackers gained unauthorized access to several internal IT systems and managed to copy data externally.
The stolen information reportedly includes de-identified patient data from clinical trials, including years of birth, biomarkers, and lifestyle factors. The haul also allegedly includes confidential information related to specific drugs and internal company documents.
