Novartis claims no sensitive data breach in latest cyberattack by Industrial Spy.

July 6, 2022

INCIDENT

June 2022: Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. On June 2, 2022 the hacking group began selling data allegedly stolen from Novartis on their Tor extortion marketplace for $500,000 in bitcoins. The data being sold consists of 7.7 MB of PDF files, which all have a timestamp of 2/25/2022 04:26, likely when the data was stolen. As the amount of data for sale is minimal, it is not clear if this is all the threat actors stole or if they have further data to sell later.

Novartis declined to answer any further questions about the breach, when it occurred, and how the threat actors gained access to their data.

Incident Date

February 25, 2022

Estimated Cost

unknown

Victims

Type of Malware

No Malware identified

Threat Source