Novartis is latest victim of cyberattack, but claims no confidential data compromised — report
Just a few months ago, cybersecurity experts told Endpoints News that the biopharma industry is largely unprepared for cyberattacks. Novartis is the latest company to fall victim.
Specialized IT website Bleeping Computer reported that Novartis got hacked late last week, after hacking group Industrial Spy offered up data on its “extortion marketplace” that was apparently stolen from Novartis labs.
The news comes as experts warn that many companies are leaving themselves vulnerable to major attacks, especially as more infrastructure moves online. In the words of BioBright CEO Charles Fracchia, “we are thoroughly f***ed.”
Industrial Spy claimed that the data are related to RNA and DNA-based drug technology and tests from Novartis, which were stolen “directly from the laboratory environment of the manufacturing plant.”
The data were likely stolen a few months ago, as the date listed on files was Feb. 25, according to a screenshot the hackers posted.
The hacking group offered to sell the data, a few files only 7.7 MB in size, for $500,000 in bitcoins, according to Bleeping Computer. It was not clear if these were the only files Industrial Spy had in its possession, or if there were more.
A Novartis spokesperson did not say much, but told Endpoints that:
Novartis is aware of this matter. We have thoroughly investigated it and we can confirm that no sensitive data has been compromised. We take data privacy and security very seriously and have implemented industry standard measures in response to these kinds of threats to ensure the safety of our data.
Novartis did not clarify how the hackers got access or what type of data was stolen. However, Industrial Spy is known to use ransomware in attacks, according to Bleeping Computer — and as far as it was able to tell, there is no evidence that company devices were encrypted.
Meanwhile, cybersecurity experts are encouraging companies to improve their digital security efforts. Merck was also hit hard back in 2017, when malware known as NotPetya — based on stolen NSA technology — crippled Gardasil 9 production facilities, destroyed years of research and caused more than a billion dollars in damages. While insurers called the attack an “act of war” and sought to deny Merck’s policy coverage, a court decided early this year that the insurer’s war exclusion policy only applied to traditional forms of warfare.
Digital risk protection company Constella found more than 9,800 breaches and leakages at the top 20 pharma companies on the Fortune Global 500 list, after analyzing records between 2018 and 2021. With J&J, Merck, Pfizer and others on the list, those breaches resulted in several million exposed records, and the majority of those included personally identifiable information. Notably, more than 75% of those breaches occurred after the start of the pandemic.