Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Hackers Publish COVID-19 Vaccine Data Stolen From EU Medicines Agency

Hackers have started leaking documents related to COVID-19 medicine and vaccines that were stolen from the European Medicines Agency (EMA) in early December 2020.

Hackers have started leaking documents related to COVID-19 medicine and vaccines that were stolen from the European Medicines Agency (EMA) in early December 2020.

The data breach resulted in “a limited number of documents belonging to third parties” being unlawfully accessed, EMA announced on December 11. An investigation was immediately launched into the incident.

While EMA did not provide information on the affected third-parties, Pfizer and BioNTech at the time published a joint statement to reveal that the incident resulted in hackers accessing “some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate, BNT162b2.”

At the time, Pfizer and BioNTech also said that no trial participants appeared to have been identified using the accessed data.

One week later, EMA, which contacted law enforcement and contracted a third-party firm to support the investigation into the incident, reiterated that the data breach affected only a limited number of documents.

On Wednesday, the agency revealed that the threat actor behind the data breach has published some of the documents that were stolen during the incident (in which a single IT application containing data related to COVID-19 medicines and vaccines was compromised).

“The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines belonging to third parties have been leaked on the internet. Necessary action is being taken by the law enforcement authorities,” EMA announced.

The regulator also notes that it continues to notify the entities and individuals who might have had documents or personal data accessed during the data breach.

“The Agency and the European medicines regulatory network remain fully functional and timelines related to the evaluation and approval of COVID-19 medicines and vaccines are not affected,” EMA also said.

While both EMA and the affected organizations refrained from providing specific information on the accessed files, BleepingComputer says Microsoft Word documents, PowerPoint presentations, email screenshots, EMA peer review comments, and PDF documents were stolen.

The hackers started leaking data allegedly stolen from EMA at the end of December.

Related: EU Agency Assessing Covid-19 Vaccines Hit by Cyberattack

Related: Vaccine Documents Hacked as West Grapples With Virus Surge

Related: North Korean Hackers Target COVID-19 Research

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...