Pennsylvania pharma giant West Pharmaceutical Services is scrambling to restore systems impacted by a ransomware attack last week.
The incident, the company says in an incident notice, occurred on May 4 and prompted the “proactive shutdown and isolation of affected on-premise infrastructure”.
The containment measure disrupted the company’s business operations globally, West Pharmaceutical Services said in a Monday filing with the Securities and Exchange Commission (SEC).
Additional incident response measures included restricting access to enterprise systems and activating crisis management protocols, the company says.
The pharma giant retained Palo Alto Networks’ Unit 42 threat intelligence and incident response team to aid with containment, system restoration, and incident investigation, and notified law enforcement.
“While the company has restored its core enterprise systems, and critical processes for shipping, receiving, and manufacturing have restarted at some sites with restoration of the remaining sites in process, the timeline for a complete restoration has not yet been finalized,” the company says.
West Pharmaceutical Services told the SEC that the attackers exfiltrated data from its systems before deploying file-encrypting ransomware, and that it is investigating the extent of the data affected.
While it did not name the ransomware group responsible for the intrusion, the company told the SEC that it “has taken steps intended to mitigate the risk of dissemination of the exfiltrated data,” which implies that it might have negotiated with the attackers.
SecurityWeek has not seen any known ransomware groups claiming responsibility for the attack, suggesting that a ransom might have been paid.
West Pharmaceutical Services told the SEC that it has yet to determine if the attack has had any material impact on its financial condition and results of operations.
The company has not shared details on the type of data that was stolen, whether any personal information was involved, or how many people might have been affected.
SecurityWeek has emailed West Pharmaceutical Services for additional information on the matter and will update this article if the company responds.
Founded in 1923 and headquartered in Exton, Pennsylvania, West Pharmaceutical Services makes injectable pharmaceutical packaging and delivery systems.
Related: Skoda Data Breach Hits Online Shop Customers
Related: Ransomware Group Takes Credit for Trellix Hack
Related: Iranian APT Intrusion Masquerades as Chaos Ransomware Attack
Related: AI Firm Braintrust Prompts API Key Rotation After Data Breach
