Novo Nordisk Hit by Data Breach: Hackers Steal One Terabyte, Company Refuses $25 Million Ransom.

Data Theft at Novo Nordisk

According to Espreso.tv: The cybercriminal group FulcrumSec has claimed responsibility for a major data breach targeting the Danish pharmaceutical giant Novo Nordisk. Over a two-month period, attackers exfiltrated more than one terabyte of sensitive information from the company's network. The stolen data includes source code, drug-related documentation, clinical trial records, and personal details of employees, physicians, and patients.

Novo Nordisk’s Core Business

Novo Nordisk is a leading manufacturer of diabetes and obesity treatments, including widely known drugs such as Ozempic and Wegovy. In response to the incident, the company acknowledged a cyberattack that compromised its systems. FulcrumSec stated that after Novo Nordisk refused to pay a $25 million ransom, the group is now considering selling portions of the stolen data on the black market. This breach highlights the growing cybersecurity threats facing the healthcare sector, where sensitive medical and personal data is increasingly targeted by sophisticated attackers.

This incident underscores the escalating cyber risks, particularly in light of major attacks like the April 2023 breach in which Russian intelligence services compromised roughly one-third of Moldova’s government databases. The theft of data from a pharmaceutical company carries severe implications—not only for the organization itself but also for patients, healthcare providers, and other stakeholders, given the highly sensitive nature of the compromised information.