The group claims to have hacked the company in March through a GitHub access token that allowed it to clone Novo Nordisk repositories and find additional credentials.
FulcrumSec said it stole roughly 1.3 terabytes of data from the pharma giant and provided a list of over 700,000 files as proof.
It also provided detailed information on the type of data allegedly stolen from the company, which appears to include intellectual property such as undisclosed drug programs, proprietary compound structures, the Dicerna RNAi pipeline, private AI models, and other data.
The hacking group demanded a $25 million ransom, but the extortion attempt failed, and the hacking group is now threatening to leak the stolen data.
well, at least this kind of stuff gives them a very strong incentive to better their security, as opposed to the "oops, we lost our customers' records again"
it’s less people’s data, sure there is going to be some patient trial records, etc, but this isn’t very interesting as the juicy stuff is probably documented in medical literature anyway.
the big loss to the company would be the synthesis pathways and records of novel molecules that took them many years to research. even just directional research data could speed up rival pharma research. the actual value on keeping this stuff secret is easily in the billions of dollars.
My goodness