Hackers have started leaking documents related to COVID-19 medicine and vaccines that were stolen from the European Medicines Agency (EMA) in early December 2020.
The data breach resulted in “a limited number of documents belonging to third parties” being unlawfully accessed, EMA announced on December 11. An investigation was immediately launched into the incident.
While EMA did not provide information on the affected third-parties, Pfizer and BioNTech at the time published a joint statement to reveal that the incident resulted in hackers accessing “some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate, BNT162b2.”
At the time, Pfizer and BioNTech also said that no trial participants appeared to have been identified using the accessed data.
One week later, EMA, which contacted law enforcement and contracted a third-party firm to support the investigation into the incident, reiterated that the data breach affected only a limited number of documents.
On Wednesday, the agency revealed that the threat actor behind the data breach has published some of the documents that were stolen during the incident (in which a single IT application containing data related to COVID-19 medicines and vaccines was compromised).
“The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines belonging to third parties have been leaked on the internet. Necessary action is being taken by the law enforcement authorities,” EMA announced.
The regulator also notes that it continues to notify the entities and individuals who might have had documents or personal data accessed during the data breach.
“The Agency and the European medicines regulatory network remain fully functional and timelines related to the evaluation and approval of COVID-19 medicines and vaccines are not affected,” EMA also said.
While both EMA and the affected organizations refrained from providing specific information on the accessed files, BleepingComputer says Microsoft Word documents, PowerPoint presentations, email screenshots, EMA peer review comments, and PDF documents were stolen.
The hackers started leaking data allegedly stolen from EMA at the end of December.
Related: EU Agency Assessing Covid-19 Vaccines Hit by Cyberattack
Related: Vaccine Documents Hacked as West Grapples With Virus Surge
Related: North Korean Hackers Target COVID-19 Research

More from Ionut Arghire
- Generative AI Startup Nexusflow Raises $10.6 Million
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
- Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
- FBI Warns Organizations of Dual Ransomware, Wiper Attacks
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
