Mer­ck in $1.3B show­down with in­sur­ers over 2017 ran­somware at­tack — Bloomberg

When Mer­ck was hit with a ran­somware at­tack in 2017, the phar­ma gi­ant was in fact just col­lat­er­al dam­age from a virus Rus­sia aimed at Ukraine, and the com­pa­ny is strug­gling to re­coup its loss­es be­cause its $1.75 bil­lion in­sur­ance plan doesn’t cov­er acts of war.

Those are de­tails from a rich­ly re­port­ed Bloomberg News sto­ry out yes­ter­day ex­plor­ing how a geopo­lit­i­cal fight in East­ern Eu­rope ac­ci­den­tal­ly en­tan­gled a New Jer­sey-based phar­ma­ceu­ti­cal com­pa­ny and sparked law­suits with ma­jor ram­i­fi­ca­tions for the fu­ture of in­sur­ance and cy­ber­crime.

Mer­ck em­ploy­ees log­ging on to their com­put­ers on June 27, 2017 were greet­ed with a po­lite mes­sage in pink let­ters: “Ooops, your im­por­tant files are en­crypt­ed. … We guar­an­tee that you can re­cov­er all your files safe­ly and eas­i­ly. All you need to do is sub­mit the pay­ment.” The pay­ment was $300 in bit­coin, per com­put­er.

The screen Mer­ck em­ploy­ees saw from the Petya at­tack

Ear­ly on, it was clear that Mer­ck was one vic­tim of a glob­al at­tack that al­so hit Dan­ish ship­ping com­pa­ny Maer­sk, Amer­i­can food com­pa­ny Mon­delez, French con­struc­tion gi­ant Saint-Gob­ain and even the sys­tems mon­i­tor­ing the Cher­nobyl nu­clear pow­er sta­tions, among oth­ers.

Un­like Cher­nobyl, though, it ap­pears that Mer­ck was not an in­tend­ed tar­get. The at­tack was dubbed Not­Petya, a cre­ation of the GRU Russ­ian mil­i­tary in­tel­li­gence agency (the same one that at­tacked the De­mo­c­ra­t­ic Na­tion­al Com­mit­tee), and it was de­signed to strike com­pa­nies and agen­cies in Ukraine, a coun­try that had been in con­flict with Rus­sia since 2014. But, per Bloomberg, Not­Petya con­t­a­m­i­nat­ed a tax soft­ware ap­pli­ca­tion, M.E.Doc, that was run­ning on a serv­er in Mer­ck’s Ukraine of­fice.

From there, it spread to the phar­ma gi­ant’s head­quar­ters, where it would elim­i­nate — in some cas­es — years of re­search, crip­ple Gardis­al 9 pro­duc­tion fa­cil­i­ties and even­tu­al­ly cause (by Mer­ck’s es­ti­mate) $1.3 bil­lion in dam­ages. Mer­ck, though, had a prop­er­ty in­sur­ance plan worth up to $1.75 bil­lion that cov­ered com­put­er da­ta, cod­ing and soft­ware (af­ter a $150 mil­lion de­ductible). But when Mer­ck went to ac­ti­vate the plan, most of their 30 in­sur­ers re­ject­ed them. Your plan doesn’t cov­er dam­ages from mil­i­tary ac­tion, they told “shocked” Mer­ck of­fi­cials.

What fol­lowed were, not sur­pris­ing­ly, a string of law­suits, with Mer­ck claim­ing that it was hit by a cy­ber — not a mil­i­tary — event. These law­suits, Bloomberg re­ports, are be­ing watched for the prece­dents they may set around how fu­ture cy­ber­crime is clas­si­fied.

The in­sur­ers are try­ing to prove two things: that the at­tack re­al­ly did come from Rus­sia and that Mer­ck was not as vig­i­lant as it could have been in pro­tect­ing their da­ta. Mer­ck, as End­points News re­port­ed short­ly af­ter the at­tack, had missed two op­por­tu­ni­ties to in­oc­u­late them­selves against the virus be­fore they were struck.

On Rus­sia, the in­sur­ers have got­ten a hand from the White House. Last year, the Trump Ad­min­is­tra­tion wrote with­out equiv­o­ca­tion that the at­tack “was part of the Krem­lin’s on­go­ing ef­fort to desta­bi­lize Ukraine and demon­strates ever more clear­ly Rus­sia’s in­volve­ment in the on­go­ing con­flict.”

“When the pres­i­dent of the Unit­ed States comes out and says, ‘It’s Rus­sia,’ it’s go­ing to be hard to fight,” Jake Williams, a for­mer Na­tion­al Se­cu­ri­ty Agency hack­er who now helps com­pa­nies hunt for vul­ner­a­bil­i­ties in their com­put­er net­works, told Bloomberg. “I’ll be sur­prised if the in­sur­ance com­pa­nies don’t get a win. This is as sol­id a case as they’re go­ing to get.”

But some le­gal ex­perts ex­pressed greater skep­ti­cism of the in­sur­ers’ case. All signs may point to Russ­ian cul­pa­bil­i­ty but when it comes to cy­ber, it’s not clear what mil­i­tary ac­tion means.

“It’s not go­ing to be an easy case for a judge in the U.S. to de­clare that this was an act of war,” Cather­ine Lotri­onte, a for­mer CIA lawyer who’s taught at George­town Uni­ver­si­ty, told Bloomberg.

A new era of treat­ment: How bio­mark­ers are chang­ing the way we think about can­cer

AJ Patel was recovering from a complicated brain surgery when his oncologist burst into the hospital room yelling, “I’ve got some really great news for you!”

For two years, Patel had been going from doctor to doctor trying to diagnose his wheezing, only to be dealt the devastating news that he had stage IV lung cancer and only six months to live. And then they found the brain tumors.

“What are you talking about?” Patel asked. He had never seen an oncologist so happy.

Endpoints Premium

Premium subscription required

Unlock this article along with other benefits by subscribing to one of our paid plans.

Michael Corbo, Pfizer CDO of inflammation & immunology

UP­DAT­ED: Plan­ning ahead for crowd­ed ul­cer­a­tive col­i­tis mar­ket, Pfiz­er spells out PhI­II da­ta on $6.7B Are­na drug

Pfizer has laid out the detailed results behind its boast that etrasimod — the S1P receptor modulator at the center of its $6.7 billion buyout of Arena Pharma — is the winner of the class, potentially leapfrogging an earlier entrant from Bristol Myers Squibb.

Pivotal data from the ELEVATE program in ulcerative colitis — which consists of two Phase III trials, one lasting 52 weeks and the other just 12 weeks — illustrate an “encouraging balance of efficacy and safety,” according to Michael Corbo, chief development officer of inflammation & immunology at Pfizer. The company is presenting the results as a late breaker at Digestive Disease Week.

Endpoints News

Keep reading Endpoints with a free subscription

Unlock this story instantly and join 142,600+ biopharma pros reading Endpoints daily — and it's free.

An NYU surgeon transplants an engineered pig kidney into the outside of a brain-dead patient (Joe Carrotta/NYU Langone Health)

'Xeno­trans­plan­ta­tion is com­ing': New NE­JM pa­per gives de­tailed look in­to 2 pig-to-hu­man kid­ney trans­plant cas­es

The thymokidney is a curious organ, if you could call it that. It’s a sort of Frankensteinian creation — a system of pig thymus embedded underneath the outer layer of a pig’s kidney, made for human transplantation.

In the first case of pig-to-human xenotransplantation of a kidney into a brain-dead patient, the thymokidney quietly featured front and center.

In that experiment, which took place in September of last year, NYU researchers led by Robert Montgomery sutured a pig thymokidney onto the leg of a brain-dead 66-year-old woman. That case was widely reported on by a horde of major media outlets, including the New York Times, the BBC, and an in-depth feature by USA Today.

Endpoints News

Keep reading Endpoints with a free subscription

Unlock this story instantly and join 142,600+ biopharma pros reading Endpoints daily — and it's free.

Vlad Coric, Biohaven CEO

UP­DAT­ED: Fresh off $11.6B sale to Pfiz­er, New Bio­haven hits Phase III set­back just weeks af­ter Vlad Coric chalked up promise

When Pfizer bought up Biohaven’s migraine portfolio in the largest M&A deal of the year earlier this month, Biohaven CEO Vlad Coric promised the rest of the pipeline, which will live on under the umbrella of New Biohaven, still has a lot to offer. But that vision took a dent Monday as the drugmaker revealed it’s once again flopped on troriluzole.

The glutamate regulator failed to meet the primary endpoint on a Phase III study in patients with spinocerebellar ataxia, an inherited disorder that impairs a person’s ability to walk, speak and swallow. SCA can also lead to premature death.

Endpoints News

Keep reading Endpoints with a free subscription

Unlock this story instantly and join 142,600+ biopharma pros reading Endpoints daily — and it's free.

Mihael Polymeropoulos, Vanda Pharmaceuticals CEO

Phar­ma com­pa­ny con­tin­ues its FDA law­suit spree, this time af­ter agency de­nies fast-track des­ig­na­tion

Vanda Pharmaceuticals is making a name for itself, at least in terms of suing the FDA.

The DC-headquartered firm on Monday filed its latest suit against the agency, with the company raising concerns over the FDA’s failure to grant a fast track designation for Vanda’s potential chronic digestive disorder drug tradipitant, which is a neurokinin 1 receptor antagonist.

Specifically, Vanda said FDA’s “essential point” in its one-page denial letter on the designation pointed to “the lack of necessary safety data,” which was “inconsistent with the criteria for … Fast Track designation.”

Mod­er­na seeks to dis­miss Al­ny­lam suit over Covid-19 vac­cine com­po­nent, claim­ing wrong venue

RNAi therapeutics juggernaut Alnylam Pharmaceuticals made a splash in March when it sued and sought money from both Pfizer and Moderna regarding their use of Alnylam’s biodegradable lipids, which Alnylam claims have been integral to the way both companies’ mRNA-based Covid-19 vaccines work.

But now, Moderna lawyers are firing back, telling the same Delaware district court that Alnylam’s claims can only proceed against the US government in the Court of Federal Claims because of the way the company’s contract is set up with the US government. The US has spent almost $10 billion on Moderna’s Covid-19 vaccine so far.

Endpoints News

Keep reading Endpoints with a free subscription

Unlock this story instantly and join 142,600+ biopharma pros reading Endpoints daily — and it's free.

(Credit: Shutterstock)

Cracks in the fa­cade: Is phar­ma's pan­dem­ic ‘feel good fac­tor’ wan­ing?

The discordant effects of the Covid-19 pandemic on pharma reputation continues. While the overall industry still retains a respectable halo from its Covid-19 quick response and leadership, a new patient group study reveals a different story emerging in the details.

On one hand, US patient advocacy groups rated the industry higher-than-ever overall. More than two-thirds (67%) of groups gave the industry a thumbs up for 2021, a whopping 10 percentage point increase over the year before, according to the PatientView annual study, now in its 9th year.

Endpoints News

Keep reading Endpoints with a free subscription

Unlock this story instantly and join 142,600+ biopharma pros reading Endpoints daily — and it's free.

Saqib Islam, SpringWorks CEO

Pfiz­er spin­out Spring­Works will ship its first drug to the FDA be­fore year’s end with PhI­II win

SpringWorks Therapeutics thinks it has cemented the backbone for its first “pipeline-in-a-product” oncology treatment and will send it to the FDA before the clock strikes 2023 with a Phase III win on Tuesday.

The oral gamma secretase inhibitor, dubbed nirogacestat, beat placebo on the primary goal of progression-free survival in adults with progressing desmoid tumors.

The soft-tissue tumors can lead to long-lasting pain, disfigurement and amputation, and there are currently no approved meds for the rare oncology indication. The tumors typically impact patients aged 20 to 44 years old and disproportionately affect women at rates 2 to 3 times higher, with up to a total of 1,650 new cases diagnosed in the US annually, according to SpringWorks.

Robert Califf (Michael Brochstein/Sipa USA via AP Images)

House Re­pub­li­cans at­tack Chi­na-on­ly da­ta in FDA sub­mis­sions, seek new in­ves­ti­ga­tion in­to re­search in­spec­tions

Three Republican representatives are calling on the FDA to take a closer look at the applications including only clinical data from China.

The letter to FDA commissioner Rob Califf late last week comes as the agency recently rejected Eli Lilly’s anti-PD-1 antibody, which attempted to bring China-only data but ran into a bruising adcomm that may crush the hopes of any other companies looking to bring cheaper follow-ons based only on Chinese data.

Endpoints News

Keep reading Endpoints with a free subscription

Unlock this story instantly and join 142,600+ biopharma pros reading Endpoints daily — and it's free.