BUSINESS

Copenhagen drugmaker hit by massive cyber extortion

▪

Read, Watch or Listen

Media Bias Meter

Sources: 2

Center 100%

Sources: 2

Novo Nordisk A/S, the Copenhagen-based pharmaceutical company, is responding to a significant cybersecurity incident after a criminal group claimed to have stolen 1.3 terabytes of internal data and demanded a $25 million ransom. The company disclosed the breach on June 11, 2026, stating that unauthorized access occurred on a limited number of internal IT systems and that some non-public data was copied and transferred. Researchers at CybelAngel and Dark Reading report that attackers exploited a single exposed GitHub personal access token found in client-side JavaScript. The group, calling itself FulcrumSec, alleges it obtained drug formulas, AI models, and clinical-trial-related data.

Prepared by Christopher Adams and reviewed by editorial team.

Timeline of Events

June 11, 2026 Novo Nordisk discloses cybersecurity incident
June 2026 FulcrumSec claims 1.3 terabytes exfiltrated
June 2026 Hackers demand $25 million ransom payment
June 2026 Researchers trace entry to GitHub token
June 2026 Token found in client-side JavaScript code
June 2026 Group claims Ozempic, Wegovy manufacturing data
June 2026 Attackers allege theft of AI drug models
June 2026 Company confirms limited systems unauthorized access

Why This Matters to You

Your health could be affected. If the hackers have indeed stolen drug formulas and clinical trial data, they could misuse it. This could impact the safety of medicines you rely on. Always check the source of your medication.

The Bottom Line

Novo Nordisk, a major drugmaker, is under cyber attack. The hackers claim they've stolen vital data and want $25 million. The company is working to resolve this. Worth forwarding if you know someone who uses Novo Nordisk products.