The large pharmaceutical company Novo Nordisk has confirmed an IT incident in which attackers have accessed personal information from internal IT systems, among other things. The cyber gang FulcrumSec now claims responsibility and is providing a sample of more than 250 GB of the stolen data on the darknet.
Novo Nordisk already admitted to the data leak last week. According to the company, limited amounts of information about patients participating in clinical trials are included. The manufacturer assures that no patient names or other directly identifiable data are included. The criminal gang FulcrumSec states on its darknet site that it concerns data from approximately 11,500 pseudonymized study participants. According to Novo Nordisk, the datasets include patient ID, gender, year of birth, biomarkers, health and immunogenicity data, and lifestyle information such as alcohol consumption, smoking, or body mass index.
The pharmaceutical company has launched investigations with IT security experts and taken security measures, including temporarily taking some internal IT systems offline. These are now to be brought back online piece by piece, but this will still take some time.
Potentially valuable trade secrets leaked
