Hackers steal Pfizer, BioNTech data in EMA breach as cybersecurity attacks heat up
It’s been a good week for Covid-19 vaccines, and perhaps an even better one for the hackers trying to steal Covid-19 vaccine data.
In a brief note Wednesday, the European Medicines Agency announced that it had been “the subject of a cyber-attack.” Pfizer and their German biotech partner BioNTech confirmed their data had been “unlawfully accessed’ as part of the breach, although they cautioned to Reuters that they did not believe participants’ personal information had been changed and that the EMA had assured them the hack would not interfere with the timeline for approval.
Stolen documents could potentially give useful information to other countries developing a vaccine, as well as information on other companies and systems involved in developing and distributing it.
The latest incident adds to a string of vaccine-directed cybersecurity attacks that have reportedly struck throughout the pandemic. News reports of such efforts have picked up in recent weeks.
In May, as vaccine efforts were accelerating, US officials warned Chinese hackers were targeting vaccine research, prompting a swift denial from the Chinese government.
In July, though, Britain’s National Cyber Security Centre released a report accusing Russian-backed groups, including one known as “Cozy Bear,” of targeting pharmaceutical companies working on vaccines. The Centre said that US and Canadian officials shared their assessment, and The Telegraph reported that the AstraZeneca-Oxford effort had been attacked. Russia denied involvement.
Then last month, Microsoft said that a Russian group named “Fancy Bear” and two North Korean groups named “Zinc” and “Cerium” attempted to break into systems at 7 pharmas and researchers in 5 countries. That included brute force efforts to attempt millions of potential passwords and phishing schemes where hackers would pose as World Health Organization officials and solicit people’s passwords.
Last week, IBM said that hackers backed by foreign governments had turned their attention to the companies that maintain the cold chain necessary to ship and store mRNA vaccines. Among other efforts, adversaries posed as an executive from the major cold chain company Haier Medical and solicited usernames and passwords. The attacks were global, IBM said.