Cybercrime Group Claims Novo Nordisk Hack: What You Need to Know

Post Views: 7

Cybercrime Group Claims Novo Nordisk Hack A hack-and-leak collective known as FulcrumSec has asserted accountability for breaching the Danish pharmaceutical corporation Novo Nordisk.

Overview of the Breach

The incident was revealed late last week, with the company notifying patients that unauthorized actors had infiltrated its internal IT infrastructure and extracted data tied to clinical trials. The pharmaceutical firm stated that the compromised information was pseudonymized, preventing direct identification of individuals by name or unique identifiers.

“Access to patient identities would require additional data not involved in this incident,” the company clarified. Although no cybercrime organization had previously acknowledged the attack, FulcrumSec reached out to DataBreaches to publicize its breach of Novo Nordisk.

The Hack and Leak

The group claims to have exploited a GitHub access token in March to clone the company’s repositories and obtain supplementary credentials. FulcrumSec reported stealing approximately 1.3 terabytes of data from the pharmaceutical entity, accompanied by a catalog of over 700,000 files as evidence.

The group also detailed the nature of the data allegedly exfiltrated, which reportedly includes intellectual property such as unannounced drug development initiatives, proprietary molecular structures, the Dicerna RNAi pipeline, confidential artificial intelligence models, and additional sensitive materials.

Data Stolen and Ransom Demand

FulcrumSec shared portions of its communication with Novo Nordisk, including stolen credentials to validate its claims. The group demanded a $25 million ransom, but the extortion attempt did not succeed. It has since warned of imminent data disclosure.

As of the latest update, Novo Nordisk has not appeared on FulcrumSec’s Tor-based data leak platform. The breach highlights vulnerabilities in software development practices, particularly the risks associated with misconfigured access tokens and insecure repository management.

Industry Implications

The stolen data’s potential impact on pharmaceutical research and competitive advantage remains a critical concern for the industry. Organizations are urged to review access controls and monitor for unauthorized activity in code repositories.

No further details about the breach’s scope or mitigation efforts have been disclosed by the affected entity. The situation underscores the growing threat of hack-and-leak operations targeting critical sectors and the challenges of addressing data exfiltration in modern digital ecosystems.

“Access to patient identities would require additional data not involved in this incident,” the company clarified.