The European Medicines Agency (EMA) revealed on January 12 that some of the date concerning the Pfizer / BioNTech COVID-19 vaccine stolen from servers of in December. The EMA is responsible for reviewing and approving COVID-19 vaccines, as well as evaluating, monitoring and monitoring any new drugs introduced into the EU.
After attack, Pfizer / BioNTech issued a joint statement confirming that hackers acquired access in documents related to COVID-19 investigations. In particular, in their relevant announcement they mentioned the following:
"Today, the European Medicines Agency (EMA) was informed that it had been hacked and that some documents related to the regulatory submission for the Pfizer / BioNTech COVID-19 candidate vaccine, BNT162b2, which were stored on an EMA server, had been breached. »
The Agency now states in its communication: "The ongoing investigation into the EMA cyberattack has revealed that some of the documents on drugs and vaccines for COVID-19 that have been breached have been leaked to the internet. The necessary actions are taken by law enforcement authorities. The Agency shall continue to fully support criminal investigations into data breaches and to notify any additional entities and individuals whose documents and personal data may have been unauthorized access. "
The EMA also noted that the European Medicines Regulatory Network is functioning normally and that COVID-19 evaluation and approval schedules are not affected by the incident. security.
In late December, security experts from the company threat intelligence Cyble discovered that many documents related to the COVID-19 vaccine allegedly stolen by the EMA had been leaked to the dark web. So Cyble started tracking documents posted on one of the Russian-speaking forums. The links to the documents were notified by a new profile used only for the alleged data leak.
The documents include the supposed evaluation report of the COVID-19 vaccine, together with the summary report on the marketing and efficacy of the drug.
National bodies consider the organizations involved in vaccine research to be a 'strategic target» to gather information about the ongoing pandemic. In late November, Reuters news agency revealed that COVID-19 vaccine company AstraZeneca had been targeted by hackers linked to North Korea.
Furthermore, organizations Healthcare providers, such as Johnson & Johnson, observe a wave of cyberattacks carried out by government hackers during the pandemic.
Also in December, IBM X-Force experts warned of cybercriminals actively targeting organizations related to cold chain COVID-19 vaccine. Many have also targeted organizations involved in researching and delivering COVID-19 vaccines since the pandemic broke out.