Today, the European Medicines Agency (EMA) revealed that some of the Pfizer/BioNTech COVID-19 vaccine data stolen from its servers in December were leaked online.
EMA is a decentralized agency responsible for reviewing and approving COVID-19 vaccines and evaluating, monitoring, and supervising any new medicines introduced to the EU.
“The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines belonging to third parties had been leaked on the internet,” EMA said today. “Necessary action is being taken by the law enforcement authorities.”
EMA also said that the European medicines regulatory network is fully functional, and COVID-19 evaluation and approval timelines are not affected by the incident.
On December 31st, BleepingComputer became aware of threat actors leaking what they claimed was the stolen EMA data on several hacker forums. Below is a screenshot of one of the leaks seen by BleepingComputer at the time.
Sources in the cybersecurity intelligence community have told BleepingComputer that the leaked stolen data includes email screenshots, EMA peer review comments, Word documents, PDFs, and PowerPoint presentations.
In December, the agency disclosed that it launched a joint investigation of the attack in cooperation with law enforcement and other relevant entities.
On the same day, Pfizer and BioNTech jointly disclosed that the cyberattack’s threat actors accessed some of the COVID-19 documents submitted to EMA.
“Today, we were informed by the European Medicines Agency (EMA) that the agency has been subject to a cyberattack and that some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, had been unlawfully accessed,” Pfizer’s and BioNTech’s joint statement said.
In subsequent updates, EMA said that the investigation revealed that only a limited number of documents were accessed without authorization. EMA also found that the data breach was limited to a single IT application, with the attackers primarily targeting data related to COVID-19 medicines and vaccines.
Hacking attempts against healthcare and medical organizations have intensified during the COVID-19 pandemic as attackers ranging from state-backed spies to cybercriminals hunt for valuable information.
Cybersecurity researchers at International Business Machines Corp. disclosed, in early December, that unknown hackers targeted companies and government agencies in the vaccine distribution chain.
Moderna said Monday that documents from its pre-submission discussions with EMA about its shot, mRNA-1273, were “unlawfully accessed” by hackers, citing a notification from the agency.